GDPR / US Privacy Law & Data Security

Privacy Policies, Agreements, Contracts, Disclosures

Privacy Policies: Web + Workspace + Investor​

Privacy policies are legal documents that outline how an organization collects, uses, and protects personal information. From the perspective of privacy law, privacy policies must comply with various regulations and guidelines, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Privacy policies must be written in clear and concise language, and must provide users with a clear understanding of what data is collected, how it is used, and with whom it is shared.

Privacy policies for web, workspace, and investor contexts must be tailored to the specific needs of each context, taking into account the types of data collected and the purposes for which it is used. For web privacy policies, organizations must consider the types of cookies used, the collection of location data, and the use of analytics tools. In the workspace context, organizations must consider how personal data is collected and used by employees, contractors, and vendors. For investor privacy policies, organizations must consider how personal data is collected and used during fundraising and investor relations activities. Overall, privacy policies play a critical role in ensuring that organizations comply with privacy laws and regulations, while also protecting the privacy rights of users, employees, and investors.
Schedule Consultation ›

Vetted Disclosures

Vetted disclosures refer to the process of disclosing personal data to third parties after ensuring that the recipient has a legitimate need for the data and will use it in a legal and ethical manner. From the perspective of privacy law, vetted disclosures must comply with various regulations and guidelines, such as GDPR and CCPA. Organizations must ensure that they have a lawful basis for disclosing personal data, and must provide individuals with clear and transparent information about the disclosure.

Vetted disclosures must also include appropriate safeguards to protect the privacy and security of personal data. These safeguards may include contractual protections, such as confidentiality agreements, and technical protections, such as encryption and access controls. Organizations must also have processes in place for monitoring and auditing vetted disclosures to ensure that the recipient continues to use the data in a legal and ethical manner.
Schedule Consultation ›

Employment Agreements

Employment agreements must comply with privacy laws to ensure that employees' personal data is collected, processed, and shared in a legal and ethical manner. These agreements must clearly outline the rights and obligations of the employer and the employee with respect to data privacy. Employers must ensure that their employment agreements comply with relevant privacy laws such as GDPR, CCPA, and HIPAA.

Employment agreements must address key privacy issues, such as the collection and use of employee personal data, data retention, data security, and data breach notification. These agreements must also include provisions for obtaining employee consent for data collection and use, and for handling employee requests for access, rectification, and erasure of their personal data. Employers must also ensure that their employment agreements comply with labor laws and regulations, such as the Fair Credit Reporting Act (FCRA) and the National Labor Relations Act (NLRA), which protect employees' privacy rights in the workplace.
Schedule Consultation ›

Vendor & Customer Agreements

Vendor and customer agreements must comply with privacy laws and regulations to ensure that personal data is collected, processed, and shared in a legal and ethical manner. These agreements must clearly outline the responsibilities and obligations of each party with respect to data privacy, including data collection, processing, storage, and disposal. Organizations must ensure that their vendor and customer agreements comply with relevant privacy laws such as GDPR, CCPA, and HIPAA.

Vendor and customer agreements must address key privacy issues, such as data retention, data security, and data breach notification. These agreements must also include provisions for obtaining user consent for data collection and use, and for handling user requests for access, rectification, and erasure of their personal data. By ensuring that their vendor and customer agreements comply with privacy laws, organizations can build trust with their customers and vendors, avoid costly penalties for non-compliance, and protect their reputation in the marketplace.
Schedule Consultation ›

Risk Mitigation & Insurance Assessment

Risk & Insurance assessment through the lens of privacy law refers to an evaluation of an organization's privacy and data security practices to identify potential risks and liabilities. The assessment typically involves reviewing an organization's privacy policies, data handling procedures, and security controls to determine if they comply with relevant privacy laws and regulations. The assessment also involves identifying potential vulnerabilities and threats to personal data, and evaluating the organization's ability to respond to data breaches and other security incidents.

An insurance assessment helps organizations understand their privacy and data security risks, and identify opportunities to improve their practices and reduce their liabilities. Insurance companies may require organizations to undergo an assessment as a condition of obtaining insurance coverage for data breaches and other privacy-related incidents. By undergoing an insurance assessment, organizations can demonstrate their commitment to privacy and data security, and reduce their exposure to legal and financial risks associated with privacy law violations.
Schedule Consultation ›

Latest News & Case Studies

Next Step: Let's Talk

Include Convenient times below