Global Compliance Programs & GDPR Readiness. We assist emerging and public companies (e.g., FTSE 100 and Fortune 500) with global compliance programs that facilitate business objectives and growth while mitigating regulatory and litigation risk. Clients that collect and process data related to customers, website visitors, employees and other individuals and use that data in connection with customer service, HR functions, big data analytics, product and service development, and strategic planning regularly call on us to provide efficient and business-sensitive advice on managing risk associated with these activities. As they develop and share more information between corporate entities, with third parties, and across borders, we work closely to develop global data sharing compliance strategies.
We conduct readiness assessments and develop tailored remediation plans to help clients move towards compliance with the General Data Protection Regulation (GDPR). We frequently partner with internal and/or third party privacy and project management stakeholders to provide counsel throughout the life cycle of GDPR compliance programs, specifically on the following:
Product/Service Development. We partner with clients to proactively manage every step in the data life cycle: collection, use, sharing, transfer, storage, protection, retention and disposal. Our experience working with global, multi-national public companies and start-up unicorn technology companies allows us to provide practical, risk-indexed privacy and security advice that works in a business-as-usual setting and comports with commercial needs. Because privacy issues most often arise following an audit, regulatory investigation, or data breach, the ability to systematize and operationalize proactive protocols is critical to risk mitigation and management. We have worked in this space on the following types of projects:
Transactional Expertise. Commercial transactions and deals regularly involve aspects of data privacy, including the sharing, and often purchase, of critical information and personal data assets. We conduct privacy reviews and deal diligence, and advise on risk mitigation strategies in relation to M&A transactions, as well as vendor agreements (e.g., cloud storage and processing, online advertising) and licensing agreements. We are often called on to advise on preclosing privacy mitigation strategy, particularly where the target-seller’s personal data assets are not subject to appropriate merger clauses.
BTI Law Firms Best at Cybersecurity, 2017
The Legal 500, 2016
Legal 500, 2015
The Legal 500, 2016
Legal 500, 2016