About Us
The Privanova

Privanova is a boutique privacy compliance and risk management consultancy based in Paris. We advocate Privacy by Design, and a pragmatic, business-aware approach to data protection management. We translate complex GDPR rules into actionable items and help our clients achieve and proactively demonstrate compliance and accountability.

Our unique interdisciplinary approach to privacy risk management combines legal, technical, and organisational measures allowing our customers to secure their operations. We provide our customers the clarity they need to take balanced business decisions based on their organisations’ risk appetite.

Why work with us

We have in-depth knowledge of local regulation across different jurisdictions and combine it with international experience.

Our experts managed both small and large-scale compliance projects and have a hands-on-business approach to privacy, data protection and information security management.


Our consultants worked with INTERPOL, UN, EU, large companies as well as SMEs on local, regional and International projects.


To ensure truly Privacy by Design approach, we seamlessly integrate your teams, and work in functional groups ensuring legal and technical expertise.


Our services are flexible: tailored to fit the nature of your project, and the size of your team while achieving your compliance targets and business goals.


We work with a selected list of technology and service providers so that you get solutions covering all aspects of your compliance project.

Clients we work with

We work with startups, blue-chip companies, consultancies, law firms, pharmaceutical companies, government departments, and international organisations.

In fact, we provide our services anywhere where good privacy compliance and sound personal data management play a key role.

Case Studies

DPIA for an eCommerce Fidelity Program

DPIA for an eCommerce Fidelity Program

DPIA for an eCommerce Fidelity Program Challenges The client – an eCommerce business based in Bulgaria, launched a fidelity programme that needed to be compliant with local and EU rules. Firstly, it was necessary to understand the impact of the GDPR on their project. Secondly, the client requested a detailed action plan outlining the measures
GDPR Compliance for a gaming Startup

GDPR Compliance for a Gaming Startup

GDPR Compliance for a Gaming Startup Challenges Following a compliance order from an EU-based Data Protection Authority (DPA), a Serbian IT Startup running an online gaming platform needed to implement GDPR compliance programme and nominate a DPO within a relatively short deadline. Solutions After the initial meeting with the client, Privanova promptly provided the client
Privanova - data sharing agreement

Data Sharing for a Pharma Company

Data Sharing for a Pharma Company Challenge We were contacted by an EU-based pharmaceutical company with several subsidiaries in the Balkans region. For HR purposes, the holding company and its subsidiaries share employee personal data. Besides this, the group shares sensitive personal data including information from medical trials. The client wanted to be sure these

How We Work

From the first meeting to successful delivery, our work methodology is based on four simple steps.









Our Partners

Get our corporate brochure