Data Privacy Compliance Attorney Protecting Your Business Online.
Attorney Philip Nicolosi advises businesses and other website regarding data privacy and protection laws related to the collection/use of information from website and app visitors. With changes in FTC guidelines and the adoption of recent state laws (such as the Illinois Biometric Privacy Act), website operators must not only worry about liability from website visitors and/or customers, but with regulatory agencies as well. Mr. Nicolosi understands the marketing and business practices that pose significant liability concerns for businesses operating online. Our years of experience in this niche gives our business clients the ability to grow online, not stumble out of the gates.
Data Collection & Use Disclosure
Under the EU General Data Protection Regulation (GDPR), EU natural citizens now have extensive rights to control how their personal data is collected, maintained and/or used. The GDPR includes a comprehensive definition of what constitutes personal data and sets forth numerous rights of individuals to know how their personal data is being used and each data collector must obtain informed consent to collect, maintain or use the individual’s personal data prior to collection. GDPR compliance requires consent prior to automatic data collection and proper data collection and use disclosure is critical. Attorney Philip Nicolosi has advised numerous businesses and website operators on GDPR best practices. This has included website and app data collection compliance audits and assistance with the creation of compliance mechanisms, including working closely with client in-house or contracted website and app developers.
Collecting Information From Children Under 13
The Children’s Online Privacy Protection Act (“COPPA”) applies to operators of commercial websites and online services directed to children under 13 that collect, use or disclose personal information from such children. COPPA also applies to the operators of general audience websites and online services where the operators have actual knowledge that they are collecting, using or disclosing personal information from children under 13. Under COPPA, website operators must:
- Provide direct notice to parents and obtain verifiable parental consent, with limited exceptions, before collecting personal information from children;
- Provide parents access to their child’s personal information to review and/or have the information deleted;
- Give parents the opportunity to prevent further use or online collection of a child’s personal information;
- Maintain the confidentiality, security, and integrity of information they collect from children.