Homepage People

Stéphanie De Smedt

Partner - Attorney at Law

Stéphanie De Smedt, Partner, heads the firm's Tech & Commercial practice, which includes data protection & cybersecurity. She is also involved in the firm-wide life sciences & healthcare practice.

Stéphanie focuses on technology law in the broad sense. She guides clients through complex contract drafting and negotiation, and advises clients on pre-litigious and regulatory matters. Through her broad background in commercial law (distribution law, unfair market practices, consumer regulations) and IP/ICT law (technology transfers, counterfeit disputes, e-commerce regulations, and software/IT contracting), Stéphanie is the go-to person for clients active in the technology and digital economy industry. Topics such as cybersecurity, artificial intelligence and new technologies in general (and in the life sciences industry in particular) are part of her core focus areas.

Throughout her career, Stéphanie has developed a recognised expertise in regulatory compliance, more specifically - as CIPP/E certified expert - in relation to the protection of personal data (GDPR compliance frameworks, data breach management, etc.) and cybersecurity matters (NIS2, DORA, etc.). She has managed multiple large scale GDPR audits and “privacy by design” projects, represented clients in high-profile data protection litigation before the Belgian Data Protection Authority and the Belgian courts, and regularly assists clients with setting-up compliant contracts and compliance frameworks. Recently, she has been advising clients on compliance with new EU regulatory frameworks such as the AI Act, the Data Act, DSA/DMA, etc.

In her areas of expertise, Stéphanie represents clients in court, before the Belgian Data Protection Authority and in alternative dispute resolution proceedings.

Finally, she has been appointed by CEPANI, the Belgian Centre for Arbitration and Mediation, to act as Third-Party Decider in alternative dispute resolution proceedings for .be domain names.

Expertises

Sectors & Markets

Life Sciences & Healthcare

Topics

Digital Economy Regulatory and Criminal Enforcement Reform of contract law in Belgium New federal government in Belgium

06-10-2025

Advising Arrive Group on strategic acquisition of Be-Mobile
15-07-2025

Clarebout and Simplot unite in strategic industry deal
18-11-2024

ASHG expands with key Belgian hotel acquisitions
21-12-2021

Loyens & Loeff congratulates Nitro Software for the acquisition of eSign leader Connective

30-11-2021

Loyens & Loeff congratulates Balta Group with the sale of its Rugs, Residential PP and Non-Woven bu

07-10-2025

Belgium privacy impact assessment guidance note
12-09-2025

The countdown is over: the EU Data Act is now a reality
03-09-2025

Data Act: requirements on customer switching and portability
26-08-2025

EU Data Act: New unfair contractual terms in B2B data-sharing agreements

19-08-2025

EU Data Act: New obligations for data holders of connected products and related services
12-08-2025

Enforcement and penalties under the Data Act
04-08-2025

The second wave of AI Act provisions enters into force
24-07-2025

Legal 500 Country Comparative Guide 2025: Belgium’s Data Protection & Cybersecurity landscape

06-07-2025

Belgium’s healthcare system: structure, reforms and outlook
11-06-2025

Trends in Life Sciences M&A: Cybersecurity and AI take center stage
24-03-2025

Chambers cybersecurity guide 2025
07-02-2025

New federal government in Belgium

03-02-2025

First set of provisions under AI Act take effect
10-01-2025

The Final Countdown: Prepare for DORA Compliance by 17 January 2025
13-12-2024

Five new partners appointed this year
10-12-2024

The EU Cyber Resilience Act

15-10-2024

Belgium moves forward with transposition of new EU cybersecurity rules
19-09-2024

Upcoming EU Commission Consultation on New Standard Contractual Clauses for Data Transfers
18-09-2024

NIS2 compliance: are your cybersecurity practices up-to-date?
05-06-2024

Adoption of the AI Act: What does it entail?

07-05-2024

Navigating Data Protection in Belgium: 2024 Legal 500 comparative guide
05-04-2024

Key changes and implications in Belgian tort law
19-02-2024

Belgium is getting ready for the Digital Services Act: Are you impacted?
15-02-2024

The Digital Services Act – Are you impacted and how?

20-03-2023

Potential practical challenges regarding the implementation of the DORA
28-02-2023

Enforcing ESG obligations in supply contracts
17-01-2023

The Digital Operational Resilience Act has been adopted
13-01-2023

CJEU clarifies: right of access equals knowing who received your personal data

04-01-2023

Loyens & Loeff Belgium appoints new partner and counsel
21-12-2022

Sustainability considerations in B2C relationships
05-07-2022

New rules for B2C contracts: enforcement of consumer rights
29-06-2022

New rules for B2C contracts: pricing & payment

23-06-2022

New rules for B2C contracts: distance selling and off-premises sales
15-06-2022

New rules for B2C contracts: examples of unfair market practices
07-06-2022

New rules for B2C contracts: time for a checkup of your terms and conditions
07-03-2022

Data Protection Authorities say no to Google Analytics: what’s next?

15-02-2022

Belgian DPA holds that IAB’s consent framework infringes GDPR
23-12-2021

Update Standard Contractual Clauses for international personal data transfers
02-12-2021

EDPB publishes guidelines on interplay territorial scope GDPR and international transfers
20-10-2021

Processing of personal data on eID card for customer loyalty cards

23-04-2021

EU Whistleblower Directive: New standards across all sectors
14-04-2021

Loyens & Loeff Belgium ranked in The Legal 500 EMEA
02-02-2021

Loyens & Loeff Belgium strengthens the practice Corporate Investigations
18-11-2020

Transfers following Schrems II: more clarity

05-11-2020

How will the B2B Law affect distribution and services agreements?
29-10-2020

How will the B2B law affect general terms and conditions?
28-10-2020

A regulator’s perspective: cloud outsourcing in the insurance sector
26-10-2020

Data Protection Summer Dive

15-10-2020

New rules on B2B contracts in Belgium – are you ready?
17-07-2020

Schrems II, the day after
16-07-2020

Privacy shield out, fortunately we still have the model contracts
11-06-2020

Combatting COVID-19: have you got the right temperature to shelter you from the storm?

12-05-2020

Belgian Data Protection Authority scrutinised by Brussels Markets Court
21-04-2020

Belgian Data Protection Authority releases recipe for compliant cookies
15-04-2020

Loyens & Loeff Belgium ranked in The Legal 500 EMEA
03-04-2020

Export and sales restrictions in times of COVID-19

18-02-2020

Belgian DPA publishes direct marketing guidelines
28-01-2020

World Data Privacy Day – What can we expect from the Belgian Data Protection Authority in 2020?
08-01-2020

Did your cookies policy survive the Christmas holiday?
03-12-2019

Belgian Data Protection Authority – again – imposes GDPR fines on public officers

29-03-2019

Members Belgian Data Protection Authority (finally) appointed
14-11-2018

New rules on influencer marketing in Belgium

Memberships

Brussels Bar (Nederlandse Orde van Advocaten), 2012

iTechLaw (International Association of Technology Lawyers)

IAPP (International Association of Privacy Professionals)

Professional Union of DPOs in Belgium (DPO-Pro)

Qualifications

LL.M. in European Competition and Intellectual Property law, Université de Liège (Belgium), 2012

Master in law, Katholieke Universiteit Leuven (Belgium), 2011

Summer school in international business, Haas Business School, University of California (Berkeley, United States), 2010

CIPP/E Certification (IAPP)

Publications

• De Smedt, S., Surinx, D. (2022). Gebruik biometrische gegevens: ondernemingen hopen op wetgevend initiatief. De Juristenkrant

• De Smedt, S., Caproni M. (2019). Praktische gids privacy in de onderneming. Belgium: Wolters Kluwer

• De Smedt, S., Verstraeten V. (2018). GDPR Implementation Series - Belgium: Substantial Reform of Supervisory Authority and Framework Implementing Act Finally Adopted. European Data Protection Law Review, Lexxion, (Volume 4, issue 3), 353 - 359

• De Smedt, S., van Waesberge, C. (2016). Cybersecurity and Data Breach Notification Obligations Under the Current and Future Legislative Framework. European Data Protection Law Review, Lexxion (Volume 2, issue 3), 391 - 398

• De Smedt, S. (2016). Data Protection May Have to Yield in IP Infringement Cases. European Data Protection Law Review, Lexxion, (2015/4), 316 - 320

What others say

"Stéphanie De Smedt is a highly available and splendid communicator with in-depth knowledge in data protection and cybersecurity combined with thorough knowledge of the industry and sector."

Legal 500 - EMEA (2025)

"Since the appointment as partner of Stephanie de Smedt the team has experienced a significant boost and is now a reference in Belgium and abroad."

Legal 500 - EMEA (2025)

stéphanie De Smedt is highly available and responsive with practical and intelligible advice in complex matters. She understands the legal needs of technology-driven companies."

Legal 500 - EMEA (2024)

"For every request received from our business, Stéphanie De Smedt makes her best effort to concretely understand the business need in the current case and our expectations from the firm in this respect. This helps to ensure that we, as a client, receive high-quality legal advice on privacy/data protection matters, adjusted to our expectations at that particular moment."

Legal 500 - EMEA (2024)

"Clearly, Stéphanie De Smedt leads the practice very well. She has very good pragmatic feedback that enables clients to have a realistic risk-exposure approach. She is highly responsive and fully reliable to meet deadlines."

Legal 500 - EMEA (2024)

"It's a true pleasure working with the superbly knowledgeable Stéphanie De Smedt, who quickly spots the sensitive topics in the case and offers practical solutions."

Legal 500 - EMEA (2024)

Sharp and always looking for cutting edge advice. I would emphasize the work of Stéphanie De Smedt."

Legal 500 - EMEA (2024)

Stéphanie De Smedt named "Next generation partner" in EU Regulatory: Privacy and Data Protection

Legal 500 - EMEA (2024)

‘Stéphanie De Smedt: Asked great questions to help develop our strategy. She worked hand and hand with Hakim in putting together our strategy and provided timely advice as we learned the Belgium legal system. Was extremely flexible in responding to last-minute requests.’

Legal 500 - EMEA (2023)

In most cases we communicate directly with Stéphanie de Smedt. Stéphanie is able to always find a suitable communication approach depending on what client’s departments/functions are involved into a discussion of a project.’

Legal 500 - EMEA (2023)

Stéphanie De Smedt named "Rising star" in EU Regulatory: Privacy and Data Protection

Legal 500 - EMEA (2023)

Stéphanie de Smedt is an expert in the field of data protection, including on key and complex topics such as sensitive data, transfers outside of the EU and data protection impact assessments. She always provides pragmatic advice of a great quality as well as recommendations at a strategic level, taking into account the business needs and the reality of industry practice.’

Legal 500 - EMEA (2023)

Stéphanie De Smedt is consistently excellent, and very responsive, in my experience.’

Legal 500 - EMEA (2023)

Stéphanie De Smedt is highly available and responsive with practical and intelligible advice in complex matters. She understands the (legal) needs of technology driven companies.’

Legal 500 - EMEA (2023)

Stéphanie De Smedt named "Rising star" in EU Regulatory: Privacy and Data Protection

Legal 500 - EMEA (2022)

"Stéphanie De Smedt is a GDPR expert with multinational (i.e., outside the EU) experience."

Legal 500 - EMEA (2022)

Rising Star - "Stéphanie de Smedt is a very good lawyer, quick reaction, sound advice."

Legal 500 - EMEA (2022)

Stéphanie De Smedt – "always responsive, very smart" "Stéphanie De Smedt has excellent insights. She is courteous and great to work with"

Legal 500 - EMEA (2021)

Stéphanie De Smedt

Partner - Attorney at Law

+32 2 773 23 77

stephanie.de.smedt@loyensloeff.com

Brussels, Amsterdam

Dutch, English, French

LinkedIn Download vCard

<p>Stéphanie De Smedt, Partner, heads the firm's Tech & Commercial practice, which includes data protection & cybersecurity. She is also involved in the firm-wide life sciences & healthcare practice.</p>

Insights

Topics

News & Events

Featured

Services

Sectors & Markets

Expertise

Featured

Stéphanie De Smedt

Partner - Attorney at Law

Work highlights