Data Protection Consulting

Whether you merely need to refresh your Privacy Policy, Terms of Use and Cookie Policy, or you need Data Protection Consulting regarding compliance and best practices, a Data Protection Impact Assessment, Corporate Security or Data Breach Response Plan, we have you covered. 


CalOPPA - For years the California Online Privacy Protection Act was the U.S. standard for data protection and online privacy. CalOppa requires websites and developers to have a clear and conspicuous privacy notice regarding the collection and handling of personally identifiable information collected from users and a statement regarding 'Do Not Track' signals.

On June 28, 2018, California unanimously passed the California Consumer Privacy Act of 2018, the strictest privacy law in the U.S. that will go into effect in 2020. The law mirrors key provisions of the GDPR, which went into effect on May 25th, 2018. The California privacy law applies to all businesses collecting or processing data from California citizens.

COPPA - The Children's Online Privacy Protection Act went into effect in 2000 and governs websites marketing to children under 13. If your site is engaged in the collection or processing of children's data, you have additional compliance obligations that require technological integrations.

GDPR - The General Data Protection Regulation, considered the most stringent privacy law in existence, went into effect on May 25th, 2018. The regulation expanded user rights, obligations for data processors, as well as data collectors. This international regulation has brought the privacy discussion to the forefront due to hefty fines which can range from 4% of annual global turnover or roughly $24 million dollars, whichever is greater.

Lawyers and in-house counsel unfamiliar in tech and privacy law are seeking data protection compliance for assistance in achieving and maintaining their clients' compliance.

ePrivacy Directive




What is the responsability of a Data Protection Officer

Data Protection Officer is someone who is given formal responsibility for data protection compliance within a business.  – You are required to appoint a Data Protection Officer if:

  • Your organization is a public authority; or
  • You carry out large-scale systematic monitoring of individuals (for example, online behavior tracking); or
  • You carry out large-scale processing of special categories of data or data relating to criminal convictions and offenses.


Business registration attorneys and startup lawyers, assist businesses in selecting and registering their business entity. Check out our answers to your frequently asked questions below or contact Kinney Firm to see how we can assist you in launching your business.