Skip to content

Catherine Di Lorenzo

Counsel

Luxembourg

Di Lorenzo Catherine
Catherine Di Lorenzo

Counsel

Luxembourg

Catherine specialises in the fields of data protection, cybersecurity, IT contracts and negotiations, e-commerce, advertising, media and telecommunications, intellectual property and regulatory issues (notably regarding digitalisation projects, including IT outsourcing in the financial, funds and insurance sectors). Catherine has a particular interest in the life sciences sector and regularly assists clients on regulatory, contractual, IP and data protection related questions in these sectors. She also advises on Luxembourg contractual law and other general civil law related matters.

Catherine regularly assists multinational companies from various sectors with respect to their data protection compliance (including cookie consent aspects, filing of data breach notifications, handling of data subject access requests, drafting and negotiation of processing agreements, etc.), regarding investigations from data protection authorities and on specific projects involving personal data (e.g. use of geo-location or biometric data, Internet of Things, artificial intelligence, machine-learning and Binding Corporate Rules). Catherine also regularly advices clients (in close cooperation with the Litigation team) on investigations from Luxembourg authorities or data requests under mutual cooperation procedures.

Catherine also assists several clients with respect to their digitalisation projects and IT contracts (including all intellectual property related aspects thereof, for instance in case of joint software development projects) and IT outsourcing projects, including filings with the financial sector supervisory authority, drafting and negotiation of outsourcing contracts and investigations.

She also advises clients on questions relating to trademarks, copyright and trade secrets and on the drafting of agreements with third parties (e.g. license agreements, coexistence agreements, etc.).

Catherine is a member of APDL (the Luxembourg association for data protection), FedISA (the Luxembourg chapter of an international electronic archiving community) and ITechLaw. She is also a member of Cloud Community Europe-Luxembourg and is a member of the Data Protection Forum, the ICT Forum, and of the Trust and Cyber security Forum of the Luxembourg Bankers' Association (ABBL).

Catherine is also visible in the Luxembourg market through her participation in technical working groups and speaking engagements. She has lectured IT law at the University of Luxembourg. She is ranked “Band 3” by Chambers Europe 2020 and as a “Rising Star” by Legal 500 2020.

News & insights

Abstract graphic

Publications: 19 JUNE 2020

Covid–19 coronavirus: emerging data protection and cybersecurity guidance (Updated 18 June 2020)

The Covid-19 coronavirus is creating a need for organisations to process personal data, for a variety of specific purposes (including managing and protecting their workforce, customers and the…

Read more
Two people using laptops

Publications: 21 MAY 2020

Podcast: Internet of Things - key legal issues

The exponential growth in the use and complexity of the Internet of Things (IoT) in recent years has resulted in exciting developments for businesses and benefits for the consumer. The IoT relies on…

Read more

Publications: 18 MARCH 2020

Digital transformation

Digital transformation, built on IT cornerstones of cloud, mobile, social and big data, is affecting all industries. 

Read more

Publications: 16 DECEMBER 2019

Protection of whistleblowers: What are the employer’s obligations?

As the new directive on whistleblowers must be transposed at the latest by 17 December 2021, employers should start thinking about how to implement their future obligations.

Read more

Office

Luxembourg

Allen & Overy
5 Avenue John F. Kennedy, L-1855 
Luxembourg

View office →

Qualifications

Professional

Admitted as avocat à la Cour, Luxembourg, 2010

Admitted to the Luxembourg bar under her professional home title, 2006

Admitted as Rechtsanwalt, Germany, 2006

Referendarin, Germany, 2003-2005

Academic

Doctorate in law, University of Trier, 2013

Second German Law Degree, Oberlandesgericht Koblenz, 2005

First German Law Degree, University of Trier, 2003

Published work

"Protection des données personnelles - recueil de textes" (co-author, 2019)

"La sous-traitance informatique dans le secteur financier - cadre légal et implications pratiques" (co-author, ALJB 2014)

"Probleme der strafrechtlichen Produkthaftung von Vorstandsmitgliedern einer Aktiengesellschaft für das Zustandekommen eines rechtswidrigen Beschlusses - Haftung für vorsätzliches positives Tun bei Zustimmung, Enthaltung und Gegenstimme" (Europäische Hochschulschriften 2013)

"Luxemburg als Vorreiter - Chance e-Archivierung" (interview Lëtzebuerger Journal, February 2013) 

"VoIP: une activité réglementée ?" (AGEFI, January 2010) 

"IT outsourcing in Luxembourg: impact of outsourcing in practice" (four-parts article, AGEFI, September 2009, October 2009, November 2009 and December 2009) 

Global Privacy and Security Law – Luxembourg chapter (Aspen Publishers, 2009) 

"La biométrie ou comment faire de l’homme une donnée" (ITNews, November 2008)