Representative Engagements

Here is some of the recent work we have done to help clients comply with the EU General Data Protection Regulation (GDPR):

  • Structure and deploy a global privacy program for a large digital services provider.
  • Represent a large retailer in its GDPR compliance including revision of privacy notice; assessment of third party vendors; revision of third party vendor agreements, data processing agreements, etc.
  • Completed Privacy by Design project for global hospitality company implementing AI technology.
  • Prepare and draft internal and external privacy policies, as well as incident response plans, for a nationwide title insurer, a global food, beverage and supplies distributor; an educational systems provider; and international luxury automobile manufacturer and a gaming and hospitality company.
  • Assisted clients, including a supplier of aerospace systems and a medical device company, in the formulation of a cross-border data transfer strategy for employee information, preparation for certification under Privacy Shield and compliance with GDPR.
  • Assisted a provider of professional mailing services with EU-US Privacy Shield Certification and GDPR compliance
  • Served as GDPR counsel to a U.S.-based provider of title insurance and settlement and brokerage services
  • Assisted a global investment management firm with privacy and data security aspects of the extension of a $40 million line of credit to a provider of retail installment sale financing to consumers. The representation included conducting privacy and data security diligence and negotiation of the deal representation and warranties, as well as post-closing compliance.
  • Serve as outside privacy counsel for a Fortune 500 technology company and device manufacturer, with a special focus on international and health care compliance.
  • Serve as outside technology counsel for a leading UK-based retail data analytics company serving Fortune 500 retailers and branded companies.
  • Assisted a large international hospitality provider with its global privacy compliance efforts, including revision of vendor agreements, revision of privacy and information security policies, assistance with EU-US Privacy Shield compliance and preparation for GDPR compliance.
  • Advised and negotiated Controller–Processor data processing agreements for a company providing services to clinical trials.
  • Advised a leading organization for professional credentialing on its privacy policies (internal and customer facing) and on data transfer agreements.
  • Drafted and negotiated master services agreements, EU data processing agreements and information security policies for a company providing services for clinical trials conducted worldwide.
  • Drafted and negotiated complex licensing, services and service level agreements for IT systems, data mining applications and equipment management services for a large health care organization.
  • Represented a large broadcasting and telecom provider in the sourcing of hosted services related to its consumer information.
  • Assisted an augmented reality platform for retailers and an influencer marketing platform with vendor assessment questionnaires, as well as internal and customer-facing information security policies.
  • Assisted a provider of Voice over Internet Protocol (VoIP) telephony platform with sophisticated call analytics in the design of its service incorporating security considerations and in the negotiation of its services agreement and terms and conditions of use.
  • Drafted an information security plan for a digital publishing company and advised on COPPA (Children's Online Privacy Protection Act) issues related to its advertising campaigns.
  • Advised a leading professional development membership organization on compliance with EU Data Protection Directive and "Cookie Directive."