General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) became effective in the European Union (EU) on May 25, 2018.  The GDPR is a regulatory framework that governs the processing of personal data of EU data subjects.  The GDPR has a massive footprint, impacting businesses across the world even if they are not located in the EU.  Fines for non-compliance can reach the greater of 20 million euros or 4 percent of annual worldwide turnover.

Team up with attorneys at The CommLaw Group to tackle even the most difficult GDPR compliance challenges facing your business.  We can help new and established companies determine whether they are covered by the GDPR, identify applicable GDPR requirements, and develop a GDPR compliance plan. 

Our attorneys are also knowledgeable about the intersection of the GDPR and US privacy laws. As California prepares to implement the California Consumer Privacy Act (CCPA) in January 2020, our team can design a comprehensive privacy compliance program for your business that meets the legal requirements of both the GDPR and the CCPA. 

Our menu of services includes:

  • Advising clients on whether the GDPR applies to their business
  • Developing a tailored GDPR compliance plan
  • Implementing subject rights, including rights to information, access, correction, to be forgotten, and data portability
  • Revisions to privacy policies or privacy notices
  • Counseling clients on data security best practices
  • Identifying legal basis for processing or using protected information
  • Negotiating data processing agreements and other contracts
  • Advising clients on building compliance programs that comply with both EU and US laws and regulations