Blog - Page 14

Legal articles in easy to understand language.

How to Collect Consent for AI and Machine Learning Data

How to Collect Consent for AI and Machine Learning Data

If you are training AI models for your startup or business, you need to consider what data you are using and whether this is data that you need to obtain consent for. As a requirement of the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Personal Information Protection and...

Serving U.S. Customers from the EU? Key GDPR Considerations Explained

Serving U.S. Customers from the EU? Key GDPR Considerations Explained

The General Data Protection Regulation (GDPR) is an EU law that works to protect the privacy rights of EU residents. Businesses that collect or process personal data from people within the EU must comply with the GDPR. But what about if your company is located in the EU and your customers...

Does the GDPR Apply to Employee Data for U.S. Companies with EU Contractors?

Does the GDPR Apply to Employee Data for U.S. Companies with EU Contractors?

The General Data Protection Regulation (GDPR) imposes strict obligations on companies around the world when it comes to how they can process the personal data of EU residents. U.S.-based companies that work with EU-based freelancers, contractors, or remote hires often aren't sure whether or not the GDPR applies to the handling...

Are Privacy Practices an Investment Risk? Due Diligence Checklist for VCs

Are Privacy Practices an Investment Risk? Due Diligence Checklist for VCs

If you're a private equity investor, a venture capitalist, part of a mergers and acquisitions team, or simply looking to invest some of your savings into another company, privacy-related due diligence is something you cannot overlook. This article will explain why you, as an investor, must have due diligence around privacy...

How U.S. Companies Can Inadvertently Trigger LGPD Enforcement in Brazil

How U.S. Companies Can Inadvertently Trigger LGPD Enforcement in Brazil

Brazil's Lei Geral de Proteção de Dados (LGPD) has strict compliance requirements for companies that handle the personal data of Brazilian residents. U.S.-based companies - namely eCommerce and SaaS companies - may be required to comply with the LGPD if they have customers or users located in Brazil. This article will...

Privacy UX: How Design Choices Impact Legal Compliance

Privacy UX: How Design Choices Impact Legal Compliance

Privacy UX is about hitting the sweet spot between a great user experience and compliance with data privacy laws. Short for "privacy user experience," effective privacy UX allows businesses to collect the data they need while allowing customers to retain full control over how it is used. This balance can be...