Personal information of customers, employees, and vendors is one of the most valuable assets held by a company and also, increasingly, one of the most vulnerable to unlawful disclosure. Personal information essentially includes anything that can be used to identify a particular person. This includes obvious items like names, photos, and social security or other identification numbers. Sometimes it also includes less obvious data points such as computer IP addresses, geolocation information, genetic identifiers, and voice prints. With the ever expanding proliferation of privacy laws around the world, all aimed at protecting an individual’s ability to control the use and spread of their personal information, companies must perform an analysis of the information they collect and their privacy practices to ensure that they comply with these privacy laws.
Protorae Law’s Data Privacy Practice is a proactive, holistic, strategic counseling practice focused on guiding clients through the review of their corporate activities, data flow, and systems, and modification of their practices to support compliance with the relevant laws. We work collaboratively with clients to deeply understand the information collected, where it lives within the company, how it is used, and with whom it is shared. We then help companies develop the internal policies, practices, and compliance programs necessary to come into compliance with privacy laws that affect their business. We also help you develop the contracts needed to ensure that our clients’ relationships with vendors and service providers meet the compliance obligations of the applicable privacy laws, including through data transfer agreements, data processing addenda, and amendments to master relationship agreements to ensure appropriate handling of personal information. Through it all, we focus on creative and cost-effective solutions that match our clients’ goals, risk tolerance, and budgets.