Our data protection & privacy team guides clients through the ever-changing landscape of laws, regulations, and industry standards related to data privacy, data protection, spam, and information law. Drawing upon our cross-disciplinary expertise, we provide efficient and effective counseling and representation on a full range of matters, including compliance with Israeli, European, U.S., and international regulations and legal requirements related to personal data, information security, marketing activities, cross-border data transfers, data mapping, audits of privacy compliance, privacy due diligence, including ongoing support of compliance infrastructure. We are also skilled at drafting and negotiating a wide range of agreements related to data processing.
From emerging companies to large enterprises, our clients span a variety of industries, including the heavily regulated healthcare, insurance, financial services, environmental, and energy industries as well as emerging industries such as social media, e-commerce, AdTech, and the Internet of Things.
Our comprehensive scope of services includes assisting clients with the implementation of local regulations (such as the Privacy Protection Regulations ((Data Security), 2017 and cross-border regulations) as well as foreign regulations with the current focus on the General Data Protection Regulation (Regulation (EU) 2016 679 (GDPR), California Consumer Privacy Act (CCPA) and other U.S. State data protection laws.
Our data protection & privacy lawyers work closely with the firm’s Hi-Tech, M&A, and Capital Markets practices to perform privacy and cyber due diligence and provide relevant transactional support. They also offer advice and counseling in privacy and spam-related litigation matters, including class actions.
We leverage our long-standing relationship with an extensive network of trusted international law firms to provide immediate legal assistance with reporting multi-jurisdictional data breaches and privacy intrusions.
How We Help Clients:
- Data protection and privacy compliance projects in various jurisdictions
- Assistance in data mapping including registration of databases in Israel
- Conducting compliance audits, including representing clients in steering and audit committees and board meetings and performance of DPIAs
- Drafting data security policies, guidelines, and privacy-related procedures (i.e., data subject requests, retention, data breach notification, outsourcing)
- Drafting and negotiating web and application terms of use and service, privacy notices and policies, and cookie notices and policies
- Drafting and negotiating data processing agreements (under Israeli law, GDPR, and CCPA) and other privacy-related agreements
- Handling complex cloud and SaaS transactions
- Handling and reporting data breaches and cyber incidents (both domestic and international)
- Interacting with local and foreign regulators and enforcement authorities and managing enforcement proceedings
- Advising on cross-border aspects, including data transfer impact assessments (TIAs)
- Assisting clients to structure their products and technology in a privacy-enhancing manner, opinions on privacy by design and by default
- Advising on spam and marketing issues
- Advising on data subject requests and handling responses and complaints
- Training and awareness projects
- Assisting M&A and capital markets teams with data protection and privacy due diligence and disclosure components and strategic decisions in M&A transactions and IPOs
- Assisting Labor & Employment team with matters related to employee monitoring and privacy
- Cyber insurance counseling and close cooperation with our insurance and tort practice teams in cyber insurance litigation, including involvement in first response teams
- Cyber and spam litigation and privacy-related litigation and dispute resolution, including class actions