Elise Dufour

Biography

Languages - English, French
Jurisdiction - France

Elise advises French and international clients on their digital transformation projects, both in advisory and litigation. She has developed in-depth expertise in high-impact sectors such as healthcare, media, and hospitality, and regularly assists IT service providers (ESNs) across a broad range of services, particularly in the growing field of artificial intelligence.

Her practice covers strategic issues such as data governance and security (personal and non-personal data), digital asset monetization, IT project structuring (cloud computing, SaaS, open source, AI), and the protection of online intangible assets (e-reputation, domain name strategy, AdWords). She also supports clients in the rollout of e-commerce platforms, whether for websites or mobile applications.

Elise serves as Vice President of the Cyberlex association, is listed as a WIPO Parl.fr expert, and is a certified Data Protection Officer. Recognized for her leadership in the field, she was awarded a gold medal in digital health law and a silver medal in digital law by Décideurs magazine.

She is also recognised by the major rankings, such as Best Lawyer and The Legal 500.

Experience

International Hotel Asset Management Group – External DPO & AI/HR Tech

Acted as external Data Protection Officer (DPO) for a multinational company in the hospitality sector. Provided strategic, operational, and regulatory guidance. Assisted with the implementation of an HR tool managing employee data through AI (talent identification, career management and training). Conducted impact assessments and ensured compliance for high-risk AI systems. Supported recruitment processes and contract negotiations with providers, including regulatory guidance for high-risk AI data processing.
AI Technology Provider – LLM Contracts & Compliance

Assisted a technology company specializing in Large Language Model (LLM) solutions in drafting and negotiating implementation contracts for deploying LLM solutions with end clients and distribution partners. Ensured legal compliance and alignment with contractual and regulatory requirements.
Healthcare Group – AI Health Tech Evaluation

Supported a major healthcare provider in evaluating an AI-powered solution for X-ray analysis and surgical decision-making. Assessed whether the tool constituted a high-risk AI system and/or a medical device, ensuring compliance with medical and AI regulations.

Luxury Goods Company – External DPO

Served as external DPO for a historic luxury brand, ensuring full GDPR and data protection compliance for all French and international operations.
Global Pharmaceutical Group – External DPO

Served as external DPO for a leading company in the pharmaceutical sector specialising in biopharmaceutical research, development, and commercialisation. Provided monthly compliance management and regulatory guidance.
Tourism and Hospitality Group – External DPO

Served as external DPO for a major group specialising in vacation rentals and holiday packages across Europe. Managed ongoing compliance.
European Healthcare Group – DPO Advisory

Provided advisory support to the in-house DPO of a major European healthcare group on an as-needed basis.
Life Sciences Company – DPO Advisory

Provided specialised advisory support to the in-house DPO of a major company in the life sciences sector on an as-needed basis.
Pharmaceutical Retail Group – External DPO

Served as external DPO for a company in the pharmaceutical retail sector, providing compliance management and regulatory guidance.
Pharmaceutical Group – External DPO

Served as external DPO for a company in the pharmaceutical sector, providing compliance management and regulatory guidance.