PRIVACY professional
In my former career as a German diplomat in the EU Coordination Unit of the Federal Foreign Office, I witnessed the beginning of complex and what were to become extraordinarily long negotiations of the General Data Protection Regulation (GDPR) among European Union member states from within the negotiation machinery. I then relocated to the United States to take up a leadership role organizing multi-stakeholder meetings and high-level discussions between Germany, the EU member state most fervently in favor of strict data protection rules, and tech companies in Silicon Valley.
After leaving the Foreign Service in 2015, I have used this experience to specialize in GDPR advice. I completed training with the International Association of Privacy Professionals, and early 2017, passed the Certified International Privacy Professional (Europe) CIPP/E exam and have since then continuously expanded my expertise and training.
Partnering with technology law practices and strategy consulting firms in Europe and the US, I advise US and EU businesses on data strategy, particularly with regards to the GDPR, and related communication issues.
My services include
- advising smaller U.S. technology companies entering Europe for the first time on the policy landscape and challenges they’re likely to face there.
- strategic advice for executive-level decisions (board of directors, management) regarding data strategy, privacy by design, and building sustainable businesses in markets that are impacted by privacy and data protection concerns,
- communication issues related to data protection:
-
advising technology companies based in the US on how to talk about privacy in the context of the evolving regulatory environment,
-
developing policy communications strategies for European technology companies entering the U.S,
-
crisis communication in cases of data breaches,
- assessing client compliance requirements and aligning compliance strategy with business goals,
- advising clients on a broad range of aspects of their privacy and data protection program (policy, procedures, training, tools), legal frameworks, cross-border data flow, privacy impact assessments, data mapping, vendor agreements,
- data management using OneTrust software (certified Privacy Management Professional).