Stefan Panic is an IPT lawyer with more than 15 years of broad experience advising Austrian and multinational clients and specializing in data protection, IT and eCommerce, as well as telecommunications law.

Beyond his specializations, Stefan also provides advice in matters of general civil and commercial law as well as public (administrative) law. He also advises on legal matters related to block-chain technology, artificial intelligence and cyber security.

Stefan has advised in numerous GDPR implementation projects and continuously advises clients on various GDPR issues, including data breaches, has an extensive experience in data protection proceedings before the Austrian Data Protection Authority, and regularly speaks and writes on various data protection topics.

Stefan has also completed a number of secondments with Austrian and multinational clients and has in this way gained valuable experience working as an in-house lawyer.

Selected representations

  • Comprehensive advising and representation of a leading petrochemical company in respect to drafting and negotiating licence agreements and other contracts (virtual secondment)*
  • Continuous advising and representation of one of the leading communications services and networks providers in Austria in the field of data protection*
  • Supporting and advising a leading Austrian construction company with an international footprint in connection with the implementation of NIS2 requirements*
  • Supporting and advising an Austrian company with an international footprint in connection with a data breach in 35 jurisdictions*
  • Continuous advice in the field of satellite law*
  • Advising a major IT consultant business on a number of IT outsourcing projects*
  • Advising a major Austrian bank on Austrian data protection issues in the course of pre-trial discovery in the USA*
  • Advising on compliance measures regarding data protection for a leading consultancy company, including setting up complex data applications such as whistleblowing hotline or data loss prevention systems*
  • Advising on compliance measures regarding data protection in Austria for a leading global pharmaceutical company, especially in connection with the setting up of a whistleblowing hotline*
  • Advising an international bottling company and an international wholesale company on GDPR compliance implementation*
  • Advising a plant manufacturing company on their software setup, including the use of open source software*
  • Advising an international IT consultancy company in respect to drafting and negotiations of IT and outsourcing agreements with various clients (secondment)*

* Advice prior to joining bpv Huegel

 

Publications and Lectures

  • 2024: „KI-Recht praktisch erklärt“, the guide to AI-Act and other relevant regulation (together with Fabian Herbst)
  • February 2020, “Changes in the regulation for image processing” (together with Benedikt Wolf)
  • December 2018, “Cookie Walls / Paywalls Hybrids are permissible?”, assessment of aDPA decision on cookie walls in Austria (together with Miroslav Jakubek)
  • December 2018, “Austria: “Cookie Walls Paywalls” hybrids are permissible?”, assessment of a DPA decision on cookie walls (together with Miroslav Jakubek)
  • November 2018, “Correlation between the GDPR and Bitcoin Blockchain” (together with Miroslav Jakubek)
  • January 2018, “Data protection for personal data of legal entities in Austria under the GDPR”?
  • May 2017, Austria: draft GDPR implementation act
  • July 2016, “Data Protection Rules with USA” (diepresse.com)

SEMINARS (selection)

  • Continuously since 2024: co-lecturer at the training course “AI manager” and series of lectures on AI Act (Austrian Standards)
  • 21 June 2024, NIS-2: Neustart der Cyberregulierung für Unternehmen
  • 13 March 2024, Business Breakfast, DLA Piper, “Cybercrime Recap”
  • 19 October 2023, Business Breakfast, DLA Piper “Data Breach/Cyber-Attack”
  • June 2019, DGRI Three Countries Summit – “Smart Factory / Data Lakes – Case Study” (co-lecturer)
  • May 2019, Austrian IT Law Day – “Data protection requirements for means of communication in a company”
  • February 2018, Forum for the medical products traders, Chamber of Commerce ofUpper Austria – “The new EU General Data Protection Regulation”
  • May 2017, World IP Day 2017, Austria Wirtschafts Service – “Big Data – Challenge for the economy”

Memberships
Vienna Bar Association

Rankings | Awards
Recommended for Data Privacy and Data Protection in Austria, Legal 500 EMEA, 2023,2024 and 2025

CV
University of Vienna, Mag. iur., 2009

Languages
German, English, Bosnian, Croatian, Serbian

Our use of cookies

We use necessary and functionality cookies to make our site work. We only use analytics cookies to improve our website if you enable them. By using this tool for individual settings of the cookies, we will send a cookie to your device to remember your preferences.

For more detailed information about the cookies we use, see our Cookies Policy.

Necessary Cookies Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect the website functions.

Functionality Cookies

Functionality cookies allow users to customise how a website looks for them: they can remember usernames, language preferences and regions. We use functionality cookies for storing your user preferences and remembering if you have been to the site before so that messages intended for first-time users are not displayed to you. These cookies do not collect information about you that could be used for marketing purposes and do not remember where you have been on the Internet.

You may disable these cookies with the button, but you should be aware that any preferences will be lost and you will have to make them again on your next visit. It is also possible that the website will not work properly or you will lose some functionality.

Analytics cookies (including US providers)

"Web analytics cookies" collect aggregated information about user behaviour to improve our website. We would like to use such cookies from Google Analytics to improve our website by collecting and evaluating information about the use of our website. The provider of Google Analytics is Google LLC, which is based in the USA. The USA is not certified by the European Court of Justice as having an adequate level of data protection. In particular, there is a risk that your data may be accessed by US authorities for control and monitoring purposes and that no effective legal remedies are available against this. By activating the button under "Web analytics cookies (including from US providers)", you agree that we may set these cookies and that you also agree to the transfer of data to the USA. You can revoke your consent at any time via the cookie settings on our website.