Almost all businesses now need someone who oversees their data practices, but not all business have the employee resources to handle all aspects of this key compliance issue. We solve this problem by acting as your outside CPO for some or all of the following needs. By using CPO on Demand™ you receive access to experienced privacy professionals who can help as little or as much as needed, without the cost or commitment of hiring a full internal team.

What our Clients Say:

“When Upwork has security or privacy questions that we can’t answer in-house, we depend on InfoLawGroup’s sound advice. Not only do they have extensive experience in technology, but they also possess the rare ability to balance legal requirements with business needs.”  — Crystal Tajalle, Senior Compliance Counsel at Upwork.

 “Signal has partnered with Justine Gottshall and InfoLawGroup from the earliest stages of our company, and they have been with us as our needs have grown much more complex over the past seven years. Justine in particular has helped us think about privacy-by-design in ways that have helped shape our products and our business, and as our CPO has helped us navigate privacy and governance globally. As we continue to expand internationally, we are impressed by the depth of knowledge and connections to local counsel that the InfoLawGroup team is able to bring to the table.” — Blane Sims, Chief Innovation Officer at Signal.

Our Services:

  • Privacy by Design: Working with engineering and product teams to consider privacy and data security issues for new products and services and to build in compliance from the start.
  • Global Privacy Counseling: We work with clients to address compliance in non-U.S. jurisdictions, coordinating and working with local counsel as needed. We can serve as your solution – or part of your solution – for having the required DPO under GDPR. We address cross border transfers, required disclosures, obtaining registration or prior authorization where required, participation in the Privacy Shield program, and draft data transfer agreements using EU-approved model contracts.
  • Internal Policies: We work on privacy and data security policies that govern the internal use, sharing, storage and securing of data. We also assist clients in obtaining third party audits, working with consultants, and obtaining 3rd party seals and certifications.
  • Consumer and Other External Policies: We draft external facing privacy policies and other consumer disclosures and consents. We also assist in implementing updates to these policies and counseling the business team to ensure continued compliance with these policies.
  • Contracts: We draft and negotiate contracts or specific provisions in contracts to address data security, data collection and data sharing issues.
  • Liaison with CIO or CSO: We coordinate all aspects of compliance with the technology team, including ensuring that the necessary legal documentation is in place with regard to internal controls and data security.
  • Training and Awareness: We conduct training sessions to assist our clients in ensuring ongoing compliance with the law and their own policies with regard to data.