Aeries Technology

Ensure Data Privacy with CCPA, GDPR Compliance Solution

Key Highlights

Challenge

Help to implement a robust regulatory compliance program

Solution

Established data protection framework compliant to Privacy Shield, GDPR and CCPA

Result

Helped client be compliant to statutory requirements, export laws

The set-up of a Legal Compliance function reduces risk in the business by facilitating the right actions and clear understanding of existing compliance parameters. Data privacy is also important for a company as it helps to attract possible investors, partners and potential customers, who will have faith in the ability of the company to protect their personal information in the long run.

Business Challenge

The client is a leading provider of secure access and mobile security solutions to enterprises and service providers. It was a carveout from a large technology company, and sought help from the Aeries Team to:

  • Set up compliance policies and procedures, adhering to the laws and regulations controlling export of goods, products, information and technology between the United States and rest of the world
  • Ensure all global compliances regarding applicable rules, policies, and standards arising from laws, regulations, and guidelines applicable to each geography are followed
  • Set up an effective Contract Management system for recording and tracking all legal contracts to be set up
  • Establish the client’s data privacy compliance program in accordance with the Privacy Shield, GDPR, and CCPA standpoint

Aeries Solution 

  • After understanding the requirements of the client, Aeries Technology with the help of its resources prepared workflows and checklists to develop a robust regulatory compliance program, spanning across geographies.
  • For the client, Aeries resources established the following:
    • A Data Protection framework (Gap analysis, Policy framework, Consent management, DSAR and Incident Response procedure, Annual assessment of Privacy posture) and ensured a full compliance with Privacy Shield, GDPR and CCPA, in a timely manner.
    • A Trade Compliance process (RPL screening, Export Licenses, Support Documentation, Client Liaison, Training) to verify that all the client’s exports are compliant with US export rules.
    • Assisted in statutory audits across geographies.
    • Aeries also assisted in setting up a robust Contract Management system.

Business Impact

  • Aeries provided an effective Statutory Compliance method through the Data Protection Framework and Trade Compliance procedure, ensuring that no statutory requirements were violated, which might result in severe fines or penalties.
  • Robust Export compliance framework ensured that the client stays compliant with US Export laws, at all times.
  • Contract Management system ensured contract covenants are attended to, timeously.
  • The Data Privacy compliant posture ensured better market positioning (especially European market), thereby giving client an edge over its competitors.
  • A robust mechanism to handle Data Subject Requests and Grievances ensured there are no escalations to Regulators