Representative GDPR Compliance Engagements

Here is some of the recent work we have done to help clients comply with the EU General Data Protection Regulation (GDPR):

  • Structure and deploy a global privacy program for a large digital services provider.
  • Represent a large retailer in its GDPR compliance including revision of privacy notice; assessment of third party vendors; revision of third party vendor agreements, data processing agreements, etc.
  • Completed Privacy by Design project for global hospitality company implementing AI technology.
  • Prepare and draft internal and external privacy policies, as well as incident response plans, for a nationwide title insurer, a global food, beverage and supplies distributor; an educational systems provider; and international luxury automobile manufacturer and a gaming and hospitality company.
  • Assisted clients, including a supplier of aerospace systems and a medical device company, in the formulation of a cross-border data transfer strategy for employee information, preparation for certification under Privacy Shield and compliance with GDPR.
  • Assisted a provider of professional mailing services with EU-US Privacy Shield Certification and GDPR compliance
  • Served as GDPR counsel to a U.S.-based provider of title insurance and settlement and brokerage services
  • Assisted a global investment management firm with privacy and data security aspects of the extension of a $40 million line of credit to a provider of retail installment sale financing to consumers. The representation included conducting privacy and data security diligence and negotiation of the deal representation and warranties, as well as post-closing compliance.
  • Serve as outside privacy counsel for a Fortune 500 technology company and device manufacturer, with a special focus on international and health care compliance.
  • Serve as outside technology counsel for a leading UK-based retail data analytics company serving Fortune 500 retailers and branded companies.
  • Assisted a large international hospitality provider with its global privacy compliance efforts, including revision of vendor agreements, revision of privacy and information security policies, assistance with EU-US Privacy Shield compliance and preparation for GDPR compliance.
  • Advised and negotiated Controller–Processor data processing agreements for a company providing services to clinical trials.
  • Advised a leading organization for professional credentialing on its privacy policies (internal and customer facing) and on data transfer agreements.
  • Drafted and negotiated master services agreements, EU data processing agreements and information security policies for a company providing services for clinical trials conducted worldwide.
  • Drafted and negotiated complex licensing, services and service level agreements for IT systems, data mining applications and equipment management services for a large health care organization.
  • Represented a large broadcasting and telecom provider in the sourcing of hosted services related to its consumer information.
  • Assisted an augmented reality platform for retailers and an influencer marketing platform with vendor assessment questionnaires, as well as internal and customer-facing information security policies.
  • Advised a leading professional development membership organization on compliance with the "Cookie Directive."