Privacy, Data Protection & Marketing Compliance

We advise startups, SaaS companies, and growth-stage businesses on privacy, data protection, and regulatory compliance in the United States and the European Union. Our work includes drafting and negotiating Master Services Agreements (MSAs), Privacy Policies, and data-use terms that align with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and related U.S. privacy laws and best practices. We focus on practical, scalable documentation that supports product development, sales, and enterprise contracting.

We also represent individuals in matters involving privacy violations, rights of publicity, and misuse of personal identity. In one high-profile dispute, we successfully challenged a major U.S. motion picture and media conglomerate over its use of a deceased individual’s name, resulting in reshot scenes, a renamed fictional character, and revised marketing materials prior to the film’s North American release.

In another matter, we represented an Iraqi refugee featured in a biographical documentary film. We negotiated enhanced privacy protections, profit participation, and a co-producer credit, ensuring our client’s story was presented responsibly and with appropriate recognition.

We further advise clients on marketing and advertising compliance, including investor communications. We currently represent a New York-based venture capital fund and recently conducted a comprehensive review of its compliance manual in response to amendments to the Investment Advisers Act of 1940 and the SEC’s updated rules governing investment adviser marketing and advertising.