Privacy Compliance – GDPR/CCPA/CPRA
Bobby Lyons has over 25 years’ experience as a Chief Privacy Officer, Data Privacy Officer, and Chief Information Security Officer. Bobby leads the privacy compliance efforts for sitejet. With deep experience both in building programs and consulting for companies facing privacy lawsuits, the sitejet methodology is not designed to just seek compliance with privacy laws, we diligently work to deter the filing of a frivilous lawsuit. We specialize in preparing for due diligence in an acquisition event and performing due diligence for a potential acquisition.
Today with Social Commerce and Marketing it is not reasonable to expect marketing teams to fully understand privacy laws. Sitejet provides training so marketers know when to ask the questions and we provide programs that prevent violations from occurring through proper governance, access controls, and company policies.
Sitejet works seamlessly with internal counsel, compliance and regulatory teams, and external counsel to build documented programs with ongoing monitoring that surpasses legal requirements which is the key to minimizing business risk and avoiding lawsuits.
Privacy Compliance – GDPR/CCPA/CPRA
Bobby Lyons has over 25 years’ experience as a Chief Privacy Officer, Data Privacy Officer, and Chief Information Security Officer. Bobby leads the privacy compliance efforts for sitejet. With deep experience both in building programs and consulting for companies facing privacy lawsuits, the sitejet methodology is not designed to just seek compliance with privacy laws, we diligently work to deter the filing of a frivilous lawsuit. We specialize in preparing for due diligence in an acquisition event and performing due diligence for a potential acquisition.
Today with Social Commerce and Marketing it is not reasonable to expect marketing teams to fully understand privacy laws. Sitejet provides training so marketers know when to ask the questions and we provide programs that prevent violations from occurring through proper governance, access controls, and company policies.
Sitejet works seamlessly with internal counsel, compliance and regulatory teams, and external counsel to build documented programs with ongoing monitoring that surpasses legal requirements which is the key to minimizing business risk and avoiding lawsuits.
Documentation Approach
Documentation is the key to any compliance program. Sitejet works with our customers to create maintained data mapping documents. A data mapping document is the primary tool used by legal counsel to review and draft changes to the privacy policy. Enforcing usage of the document before new tracking is added to the website prevents tracking from reaching the website without the proper review.
Process documents are created as part of the program that provides the timelines required to respond to requests for information or deletion. Automation is added to ensure a ticket is created to track the request. Most fines for privacy are a result of missing the timeline. Most lawsuits are a result of tracking on the website that does not have the proper disclosures or load before the customer has consented to the tracking.
Sitejet deploys and configures software to obtain consent as well as a privacy scanner that scans the website monthly to capture any new tracking that somehow bypassed normal company approvals. All scans are documented to demonstrate an active privacy program is in place.