Data Privacy Consulting Services

Governance

Our consultants will work directly with your legal experts to set up processes that bring regulatory requirements into technical plans for development teams. We’ll also set up monitoring systems so that you can stay on top of compliance.

Your Processes

Our consultants will work directly with your development teams to ensure data protection. We’ll put policies into action using experience-backed processes and programs, respond to rights requests, successfully carry out audits, and manage consent forms. 

Third Parties

GDPR and other legal requirements don’t just apply to you. You are also responsible for ensuring that any third parties with access to your customers’ data are in compliance. We’ll help you set up a procurement process and establish vendor contracts that ensure your customers’ rights are protected. 

Investigate

We’ll investigate your current controls and see how they stack up against regulatory requirements and your existing internal mechanisms. 

Create

We’ll design, develop, and implement business processes, including internal controls, business and development requirements, and a plan going forward. Our systems can also include tools for selecting vendors. We’ll then embed vendor selection into your larger operating systems with all of the appropriate change management communication and training.

Operate

Our software development experts can continually operate your data privacy software, ensuring that data privacy requests are managed in compliance with appropriate regulation. This includes measuring the success of your processes and running audits to ensure bugs are not introduced over time. We’ll also use Agile processes to continually iterate and improve your processes, particularly when new data privacy laws are passed. 

One of the most important capabilities your data privacy systems must have is managing requests from your customers to access and delete their personal data. To help you do this, we provide: 

• Complete end-to-end solutions
• Communication systems
• Portals
• Assessments
• OneTrust configuration 
• Reporting
• Roll out

GDPR and other regulations require companies to allow their customers to opt in/out of data processing via cookies and other marketing tools. Our services in this area include: 

• Consent management
• The OneTrust Consent Management Platform (CPM)
• CPM integration with your back end
• Implementation of the OneTrust preference center
• Localized cookie consent pop-ups 
• Governance tools and processes for cookies 
• Auditing and correcting issues with your current cookies 

We also provide solutions for your internal governance processes, including an impact assessment that covers: 

• Implementing the OneTrust Assessment Automation module 
• Integrating OneTrust into your current infrastructure 
• Loading your current IT assets into OneTrust
• Creating assessments 
• Developing processes for determining, reviewing, and mitigating risks 
• Configuring reports and dashboards with OneTrust and integrating OneTrust with your current data reports 
• Creating unique trainings to demonstrate OneTrust assessments to your employees 
• Operating and updating your PIA processes

Coppei also provides solutions that help you manage your vendors and ensure their data privacy compliance: 

• Implementation of the OneTrust solution for vendor risk management and assessment 
• Integration of your existing list of vendors and their information with OneTrust, which gives you access to risk profiles for over 70,000 vendors 
• Data entry of your existing vendor contracts into OneTrust 
• Connection of your IT assets and vendor inventory, which will allow you to ensure compliance and track risks 
• Up-to-date Standard Contractual Clauses (SCCs) with any vendors outside of the EU/EEA 
• Configuration of vendor assessment templates, risk ratings, and control frameworks 
• Unique training materials 
• Change management to ensure that employees across your organization know how to use all new tools and understands why they are important