My Services
I provide the following services:
Privacy
Advisory, program management, and product management services
Drafting of all required documents, policies, and processes, including required privacy notices and other disclosures
The design and implementation of global cookie consent controls and disclosures. OneTrust CMP expert.
The design and day-to-day management of Data Subject Requests (DSRs)
Article 27 representation through my partnership with the EDPO
Fractional DPO/CPO services
Information Security
The design and implementation of comprehensive information security programs designed to match a company's risk threshold and stage. Programs can be either ad-hoc and self-audited or a comprehensive program using 3rd party audit standards such as SOC 2 and ISO27001
Assist engineering teams in designing robust, secure infrastructure
Assist sales and business development teams with inbound vendor risk management questionnaires
Program manage 3rd-party compliance audits. Drata GRC expert.
AI Governance
Align the use of AI/ML with current privacy and AI regulations
Ensure data used for model training is permissible for AI training use
Ensure fairness, bias, and anonymization are all considered when designing AI systems
Engagement Model
I am not a lawyer and do not provide legal advice or services. I typically work with a combination of legal and product teams for privacy and AI-related engagements and with engineering and operations teams for information security and audit-related engagements.
I have a standard hourly rate and bill only for the work I do. I do not do fixed-bid projects. Additionally, compliance is an ongoing process, so I tend to engage long long-term vs. short-term solution projects. On-going maintenance projects, such as monitoring a privacy inbox, require a monthly retainer.
DISCLAIMER: Simon Wynn Consulting is not a law firm and does not engage in the practice of law. Our services are not a substitute for professional legal advice, and you should consult a qualified attorney for legal matters.