Have you cataloged all of your consumer data that may be considered “Personal,” “Sensitive” or otherwise regulated?  Do you have a compliant process for fulfilling the various consumer rights obligations in the regions you operate?  Are your legal notices and policies aligned with your actual databases, product offerings, and technical/operational procedures?

As consumer privacy regulation continues to evolve rapidly, it’s critical that your Legal paperwork is both informed by and synchronized with your evolving business - particularly given that operational mistakes around consumer rights can expose you to undesired scrutiny, PR hassles, or even legal investigations.

Combining technical/operational experience with a solid understanding of consumer privacy legal requirements, we can help you bridge the gap that often exists between contract and policy paperwork and the actual business/data that it covers. Let us help you implement and maintain an efficient and scalable operational compliance program.

INVESTORS: These days it’s imperative to know whether your acquisition target has any consumer privacy compliance red flags or legal/operational gaps. While it’s a complicated, nuanced field, we can provide an overall assessment and/or conduct a comprehensive due diligence.

Consumer Privacy Offerings

    • Identify and assess sources of consumer Personal Data subject to privacy regulations for the regions in which you operate

    • Design and implement operational and technical procedures and program controls to maintain compliance

    • Coordinate with Legal counsel to ensure synchronization of policies and contracts with product/technical and database “reality”

    • Risk Assessments: Review compliance program documentation and interview key stakeholders to provide an initial overall POV and identify any red flags or major potential risks requiring further investigation.

    • Due Diligence: Verify compliance program and documentation; Map Personal Data in the context of privacy disclosures and required consents; Test and evaluate Consumer Rights handling; Review of InfoSec certifications; Analyze strengths/gaps and provide key recommendations.