Services

Services

Need the full list of everything we offer? Say no more.

 

Below you will find the entire scope of our privacy services broken down into their relevant categories. Yes, some of the terms are pretty technical. If you find yourself wanting to back away slowly, we promise you’re not alone. We have to keep the legislative lingo here so that those who are well-versed with the terminology can see we’re the real deal. If you don’t understand something, drop us an email or, even better, arrange a free consultation and we’ll break it down together.

A well thought out privacy strategy can be your competitive advantage. It can make the difference between customers for life and fickle window shoppers. Show them that you care enough to keep their secrets safe before they have to ask.

A downloadable version of this list is available here.

GDPR Services

 

Gap Analysis – We use an online questionnaire to one or multiple subject matter experts to determine how well you currently meet the GDPR requirements. The final deliverable will include a detailed report of the findings with prioritized recommendations.

Data Inventories – GDPR requires organizations to document and keep records of their current business process activities. We assist in performing the initial data inventory and required Article 30 documentation as well as perform periodic updates.

Privacy Impact Assessments – We create and perform privacy impact assessments as necessary, such as when you launch a new product or marketing campaign that will use personal data. Privacy impact assessments are required under GDPR and help your organization evaluate ways personal data is collected, used, shared and stored in projects, systems, programs, products or services.

Individual Rights – Under GDPR individuals, also called Data Subjects, have certain rights related to their personal data. We design and assist with the implementation of a data subject access request process.

Digital Marketing – We will evaluate compliance of digital marketing tools (e.g. analytics, advertising, email) by ensuring personal information is not being stored unnecessarily, data is anonymized, and only required data is captured.

Cookie Consent – Related to cookie consent we can provide a vendor evaluation, establish a risk based approach, and assist with the implementation of the selected tool.

Agency Partner Compliance – We can work with your marketing agency to ensure their tools are compliant with GDPR.

Policies – We create or update privacy notices, information governance, and security policies.

External Data Protection Officer (DPO) for US companies – In certain circumstances, GDPR requires companies to have a Data Protection Officer. For companies based in the US, we can serve as an external DPO.

Vendor Management – GDPR has certain requirements covering the relationship between companies and their vendors. Companies need to review existing vendors and vet new ones for privacy and security considerations. They also need to include specific language in the vendor agreements (e.g. Data Protection Addendums (DPAs)). We will analyze and update the vendor management process, including vendor assessments.

Youth Marketing – We analyze and propose any changes that need to be made for a business to appropriately target persons under the age of 16 (per GDPR for most member states).

Ongoing Maintenance – We assist with ongoing updates to processes, data inventories, and perform privacy impact assessments as needed.

Privacy Technology – We assist with the implementation of third party privacy technology vendors such as assessments, data management, consent tools, and more.

US Privacy Services

 

Gap Analysis – We use an online questionnaire to one or multiple subject matter experts to determine how well you currently meet the state or federal law requirements. The final deliverable will include a detailed report of the findings with prioritized recommendations.

Data Inventories – We assist in performing data inventories and identifying and documenting personal data in, through, and out of your organization.

Privacy Impact Assessments – We create and perform privacy impact assessments as necessary, such as when you launch a new product or marketing campaign that will use personal data. Privacy impact assessments help your organization evaluate ways personal data is collected, used, shared and stored in projects, systems, programs, products or services.

Individual Rights – The new California Privacy Protection Act extends an individual’s rights under existing California privacy law such as the right to opt-out of the sale of data, and the right to delete and port personal data.  We can design and assist your individual rights process.

Digital Marketing – We will evaluate compliance of digital marketing tools (e.g. analytics, advertising, email) by ensuring personal information is not being stored unnecessarily, data is anonymized, and only required data is captured.

Cookie Consent – Related to cookie consent we can provide a vendor evaluation, establish a risk based approach, and assist with the implementation of the selected tool.

Agency Partner Compliance – We can work with your marketing agency to ensure their tools are compliant with US privacy laws.

Policies – We create or update privacy notices, information governance, and security policies.

Privacy program – We assist with designing, building and implementing a privacy program scaled to your business that your customers can rely on.

Vendor Management – Companies need to review existing vendors and vet new ones for privacy and security considerations. Vendor agreements should specifically cover data collection and use and data protection. We analyze and update the vendor management process, including vendor assessments.

Youth Marketing – We analyze and propose any changes that need to be made for a business to appropriately target persons under the age of 16 (state of CA, 13 for Children’s Online Privacy Protection Act)

Ongoing Maintenance – We assist with ongoing updates to processes, data inventories, and perform privacy impact assessments as needed.

Privacy Technology – We assist with the implementation of third party privacy technology vendors such as assessments, data management, consent tools, and more.

Privacy As A Service

Red Clover Advisors is here to support you in the following roles:

Fractional Privacy Officer – Rather than hiring a full-time privacy employee, we can serve as an external privacy resource. A Fractional Privacy Officer is available for consultations when questions come up and can be called on to participate in rolling out a new project. We will also keep you up to date on any developments in privacy laws that will affect our current data strategy and what tweaks we need to make so you stay ahead of the game.

GDPR or Privacy Project Lead – We are available to serve as a Project Lead for GDPR related projects, efforts to implement a state or federal law (i.e. new California Consumer Protection Act), or any other project where determining privacy requirements plays a vital role.

Privacy Advisor – We provide ongoing regulatory updates, communicate pending legislation and regularly scheduled touch points.

Leader for Tabletop Exercises – We will practice how your organization will respond to a data breach incident or an individual rights request.

Digital Data Strategy

Privacy Compliant Data Strategy – We are here to make sure you maximize the data you collect for all your products and services so your business thrives without breaking any laws.

Data-driven Digital Marketing Strategies – 1:1 customized digital marketing is more in demand than ever. We will work with you to create privacy compliant digital marketing plans using first or third party data that will give you a competitive advantage.

Pixel Governance – We create a process that centralizes the placement of web pixels and minimizes data leakage which causes privacy and security issues.

Training & Workshops

Executive and Employee Privacy Training – GDPR, Privacy Shield, and several other Federal laws require businesses to have privacy and security training. A well-executed training can ensure all your employees are on the same page and prevent potential costly breaches. We offer customized privacy training held via webinar or an in-person seminar.

Strategy Session on Privacy Issues – During these strategy sessions, we’ll cover what kind of data you can and should use and devise plans that will meet your customer’s expectations and maintain their trust while still ensuring you hit your goals.

Wondering why you should hire a privacy consultant or an attorney?