Privacy | AI Compliance

Privacy

If your company is taking data from your clients and customers, you need to disclose your privacy practices to your clients. Depending on where you have clients, different protocols may apply to your use and care of that data. For example, you may need to comply with United States state laws, Canadian privacy laws, or the GDPR in the European Union. It is important to note that the United States does not have a comprehensive federal privacy law, so each state has different requirements when it comes to how you treat your customers’ and employees’ data. We have your back and can help you meet your compliance requirements.

Our team has extensive experience navigating the privacy laws of the United States, and abroad to ensure our clients are compliant.

California consumer privacy act (CCPA) | California Privacy Rights Act (CPRA) | colorado privacy act (CPA) | General data protection regulation (GDPR) | Colorado artificial intelligence Act | personal information protection and electronic documents act (PIPEDA- Canada) | UK GDPR | Quebec law 25 | illinois biometric information privacy act (BIPA) | connecticut data privacy act (CTDPA) | Florida digital bill of rights (FDBR) | GLBA Safeguards Rule| TCPA | CAN-SPAM | Australian Privacy Act 1988 | EU Artificial Intelliegence Act | Colorado Artificial Intelligence Act (CAIA)

  • Are you Compliant?

We have an efficient system to determine what laws your company should be compliant with- and ensure you are, minimizing risk of fines for non-compliance to you. If you check any of the boxes below, you will be directed to our survey which is sent to our team for further follow up.

EU Customers. If you are not already a part of the EU/UK Data Privacy Framework, do you have an interest in joining the Framework?

Face Scans or other Bio Data. If you collect biometric information from consumers, are those individuals on notice of that collection?

Data Requests. Are you frequently receiving requests from customers to have their data deleted, corrected, or otherwise addressed without knowing exactly how to respond?

Third Parties. Do you have robust Data Processing Agreements in place for all vendors with whom you share customer or employee personal information?

Data Retention. Have you reviewed your data retention policies within the last few years to define how long each piece of data is being held across your business?

Employees. Do you collect data about your employees? Do you record them? Are they required to use their fingerprints to access anything, or face scans, perhaps other biometric data concerning health plans for employees?

GPC. Does your website recognize the Global Privacy Control, which is now required by two state privacy laws (CO and CA)?



Artificial intelligence Regulation


Colorado is the first state to enact AI regulation in the United States. The Colorado Artificial Intelligence Act (CAIA) Follows the lead of the European Union, which recently passed the EU Artificial Intelligence Act. 

Does your AI make a consequential decision?

If you are using artificial intelligence to make decisions within your company or for your customers- it could be considered a consequential decision under CAIA, and your company then needs to implement disclosures to ensure you are not a target of the AG’s office and open to liability for the actions of the AI.

Do you operate in the EU? If you use AI with consumers in the EU or are located in the EU, we also have experience with compliance with the EU Artificial Intelliegence Act.

Our team is at the forefront Developing industry standards to ensure our clients, and their AI & data policies, are compliant to avoid the risks involved with the use of data & Ai.

 
 
 


Home to The disruptors, creative lawyers & educated creatives who are joyful, curious, fun, and have an appreciation of beauty & excellence.