Privacy and Data Protection Law
In the era when data collection and processing constitute an integral part of business operations of any corporate entity, processing and management of personal data have become a major challenge for all corporate entities. Corporations of all sizes are required to comply with different laws within different jurisdictions, which may expose them to civil lawsuits, administrative enforcement procedures and financial sanctions as well as loss of commercial, business and M&A opportunities in the event of non-compliance.
The Meitar Law Privacy and Data Protection Group is the largest in Israel, comprising lawyers from Israel and overseas, specializing in this field. The group assists our Israeli and international clients in a wide range of sectors of the economy, such as software, cybersecurity, pharma and digital health, Fintech, banking, e-commerce, energy, hospitality and more. Our team assists major players in various fields and is skilled to provide practical and creative solutions combining privacy compliance, technology and innovation.
Our services include:
- Implementation of compliance programs with privacy and data protection laws in various jurisdictions, including the Israeli Privacy Protection Law and Data Protection Regulations, GDPR, CCPA, NY SHIELD Act and more.
- Legal advice on structuring business models and technology-based products (e.g. addressing the legal risks and applicable regulations and the implementation of the “Privacy by Design” principle).
- Assistance with all aspects of privacy and data security in the context of data breaches and cybersecurity events, including submitting reports to the relevant regulatory authorities, notifications to data subjects, etc.
- Advising on data subject requests (e.g. access, rectification, right to be forgotten).
- Advice on privacy-related aspects of investment transactions, M&A, asset deals and privacy due diligence.
- Drafting and negotiation of data processing agreements and other transactions in which the subject matter is data (e.g. data acquisitions, data licenses, data transfer agreements).
- Advice on employee privacy matters.
- Advice on and drafting of privacy and data protection procedures, including data breach notification policies, outsourcing policies, data retention policies, data deletion policies, etc.
- Advice on and development of cross-border data transfer strategies, including data transfers outside Israel and the EU/EEA.
- Advice and support in connection with inspection, enforcement and investigation proceedings conducted by various regulators in Israel and abroad.
- Database registry and registration updates in Israel.