Transactional: Deals and Data Protection
After the hefty fines and the possibility for collective redress claims hit the effective mark in May 2018, no investor is likely to purchase a business involved in processing of European citizens' data or based in the EU without a due diligence.
Depending on the sector, any identified risks with respect to GDPR compliance may take center stage and trigger a significant price adjustment or even constitute a deal-breaker. We know the right questions to ask in order to mitigate potential liability stemming from legacy data protection gaps. Processing of special categories of data, employees or third parties' large scale monitoring, proper papering of compliance, digital assets, subcontractors and data transfers – no stone must be left unturned to address any potential threats for the investor's balance sheet and reputation post-closing.