Privacy and Data Protection
Our firm has a team of lawyers highly specialized in privacy and information technology, trained to provide consulting and litigation services in matters related to data protection and information security.
We work along with our clients to develop special compliance procedures which are customized according to their needs and to the level of compliance with the regulations:
DPIA (Data Protection Impact Assessment): a data protection and information security assessment methodology for identifying, mapping, analyzing, organizing and minimizing any privacy risks or impacts.
Specialized Audit: due diligences for identifying information security, data protection, intellectual property and regulatory risks, including consulting services in all the stages of the transaction.
Internal Policies: the organization of internal information security policies, including, information security terms and device monitoring, password policies, the use of email and clean desk policy, recovery plans, information security incident plans and confidentiality policies.
GDPR: the compliance, by National and European companies, with the new internationally applicable obligations imposed by the General Data Protection Regulation,
Privacy by Design: the development analysis and the implementation of technologies, products and services focused on privacy and personal data protection.
Cross Border Data Transfer: consulting services for international data transfer projects, the study and draft of Binding Corporate Rules, Standard Clauses, Global Corporate Clauses, specific consent and technologies implementation to comply with the domestic laws, acting with international associates from different jurisdictions.
Insurance: the support on the selection and employment of accredited brokers to protect the company’s intangible assets regarding information security incidents
Information Security Incident Management: the advice on incidents prevention and reaction, including the design of a response plan and a business continuity plan, the training of key officers and company spokespeople, the mapping of technical solutions and of the incident causes.
Legal Opinions: the analysis of products and services offered by companies, the risks involved, the calculation and evaluation of potential contingencies, and the recommendations for risk mitigation
Consulting: incident response, the assessment of internal practices and conducts, the production of expert evidence to identify policy violations, and the organization of recovery plans
Assessment of Key-Contracts: the draft and analysis of contracts regarding software, intellectual property, cloud services, transfer of know-how, among other documents that directly impact the company’s intangible assets.
Training: workshops, lectures and group sessions with the company´s management and staff for preparing them to comply with the internal Compliance rules.
