In today’s digital world, data is an increasingly valuable and increasingly risky business asset. It is more than just numbers and letters- it’s personal information. The collection, retention, use and protection of personally identifiable or confidential information is a rapidly changing area of the law. As businesses struggle to keep up with critical, fast-changing data protection laws and regulations, APM’s Privacy and Data Protection team is uniquely positioned to help guide clients.
How we help businesses
APM & Co. helps navigate the complex field of compliance by providing highly sophisticated data management, data security and privacy law advice. Clients benefit from our deep understanding of relevant domestic and international privacy and data security laws and regulations, including those addressing Israeli regulations, EU General Data Protection Regulations (GDPR), US regulations (CCPA, CCPRA, HIPAA), Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) and Brazilian General Data Protection Act (LGPD).
Data protection and regulation: We advise today’s data-rich businesses on how to protect data to avoid harmful cybersecurity incidents as well as to comply with regulations on data privacy. We support clients at every stage of development, often working closely with in-house team to develop policies, manage data security, carry out audits and ensure compliance.
Commercial solutions: We provide advice on data-related issues that are critical to business transactions, such as mergers and acquisitions and licensing deals, including international deals. We also advise on issues arising when using cloud services. We frequently advise on complying with the privacy policies of the leading internet service providers, search engines and e-commerce companies.
Industry-focused services: We provide tailored services on data issues that are specific to certain sectors, such as advertising, finance, healthcare, medical devices and food technology. Our lawyers are experienced in the specific needs of companies in these sectors and the complexities that can arise.
What we do
Our team provides specialist data-related services including:
- Privacy policies and privacy audits
- Data mapping and data selling structures
- Privacy Compliance programs and policies
- Data protection Impact Assessment (DPIA) and RoPa (Records of Processing under the GDPR and Data mapping under the Israeli law)
- Database registration and full compliance with local privacy and data security laws
- Data security breach notification and response plans (including Business Continuance Plans and Disaster Recovery Policies, see APM Cyber Shield for more information)
- Data subject access request and implementation of global sufficient data request policies
- Data protection issues related to corporate and M&A transactions
- Employee privacy (including privacy notices, as well as CCTV policies, email and mobile monitoring policies, access of employee data, etc.)
- Supplier’s agreements and DPA’s
- Online and mobile tracking and consumer protection regulation
- Global data transfer management (transfer agreements, BCRs, etc.)
- DPO as a Services
- Medical related Privacy and Data Protection process, including HIPAA, GDPR and other regulations, including drafting of ICPs, agreements, CTAs, DPAs and other needed privacy documentation in the field of life science
- Due diligence and data licensing review
Who we represent
Our Experience spans the full range of industry sectors including technology driven and software organizations, online media and AdTech companies, Meditech, Real Estate companies and eCommerce, hotels, mobile and media companies, etc. We work with unicorns to start ups as well as mature well established global companies, from small to big. Our programs and guidance is easily adapted to the company’s needs, based on the size, stage and needs.
Why choose us
- Our team aims to understand each client’s technology and business, and provide practical advice and consultancy based on a thorough analysis of the relevant laws and regulations, and knowledge of each company’s particular needs. We speak the client’s language, whether they are in-house counsel, chief operating officer, chief marketing officer, chief technology officer or R&D director.
- We provide advice to enhance business success and value creation in relation to data protection in diverse sectors and in relation to third-party platforms and business partners. This includes advising on international issues where appropriate, including the impact of data protection regimes in other major markets.
For further information or to discuss your business in confidence, please reach out to our lawyers below.