United States
Data Privacy Group is a “one stop shop” for your regional and global data protection needs. Irrespective of your international jurisdiction, our global team serves you globally with local, regional and international data protection services. Our solution is complete, end-to-end, builds bridges between IT, legal and business, and adheres to best practices. We empower your organization to avert costly data breaches and reduce risks of non-compliance that could result in fines from the regulator and loss of trust of your customers.
Solution packages
We have designed a scalable Data Protection service “packages” within the US market that will suit start-ups, corporations, groups as well as international conglomerates, irrespective of the sphere of industry. Alternatively, we can provide you with a tailor-made roadmap, outsourcing, or privacy by design solutions.
The following packages are designed for companies that want to conform to the California Consumer Privacy Act (CCPA) as the most acknowledged and commonly used privacy standard in the region and may be supplemented by other necessary acts. These packages guarantee compliance to data privacy at the shortest possible time.
STARTUP
Startup package is our unique solution, applicable for a small and middle sized startups, which have to be GDPR compliant. All the basic steps to reach compliance shall be taken, including:
Developing the record of processing activities (RoPA) and determining legal grounds for processes.
Compiling a Privacy Notice and Internal Data Protection Policy.
Determining the roles in processing operations (controllers / joint controllers / processors / third parties).
Creating a cookie-banner and drafting a cookie-policy for the company’s website.
STANDARD
Basic level of compliance that includes:
Developing the Register of Processing Activities (RoPA) as a space for managing consumers’ personal information.
Compiling a Privacy Notice for consumers and Internal Data Protection Policy.
Staff awareness training.
Consultation where required.
GOLD
Medium level of compliance, including Basic package plus reviews and recommendations for improving processes involving personal data, and processing agreements. In question, Gold package includes:
Description of the processes in which personal data are involved with a list of recommendations and risk pre-assessments.
Drafting data processing agreements with counterparts.
Conducting Privacy by Design sessions.
Staff training on rules of personal information processing and information security requirements.
PLATINUM
High-level compliance, which includes Gold package services, plus product audit with detailed recommendations, customization of processes for handling data subject requests and data breaches, meeting disclosure and transparency requirements. It also entails DPM outsourcing. The peculiarities of this option are:
A comprehensive audit of the product and description of its data processing activities.
Ensuring compliance with the disclosure and transparency requirements by providing multiple forms of privacy notices and policies.
Implementing Cookie banner settings.
Assistance in implementing the processes of reporting data breaches and responding to consumers’ require.
Data Privacy Counsel / Manager Outsourcing.
