My Services

I provide the following services:

Privacy

  • Advisory, program management, and product management services

  • Drafting of all required documents, policies, and processes, including required privacy notices and other disclosures

  • The design and implementation of global cookie consent controls and disclosures. OneTrust CMP expert.

  • The design and day-to-day management of Data Subject Requests (DSRs)

  • Article 27 representation through my partnership with the EDPO

  • Fractional DPO/CPO services

Information Security

  • The design and implementation of comprehensive information security programs designed to match a company's risk threshold and stage. Programs can be either ad-hoc and self-audited or a comprehensive program using 3rd party audit standards such as SOC 2 and ISO27001

  • Assist engineering teams in designing robust, secure infrastructure

  • Assist sales and business development teams with inbound vendor risk management questionnaires

  • Program manage 3rd-party compliance audits. Drata GRC expert.

AI Governance

  • Align the use of AI/ML with current privacy and AI regulations

  • Ensure data used for model training is permissible for AI training use

  • Ensure fairness, bias, and anonymization are all considered when designing AI systems

Engagement Model

I am not a lawyer and do not provide legal advice or services. I typically work with a combination of legal and product teams for privacy and AI-related engagements and with engineering and operations teams for information security and audit-related engagements.

I have a standard hourly rate and bill only for the work I do. I do not do fixed-bid projects. Additionally, compliance is an ongoing process, so I tend to engage long long-term vs. short-term solution projects. On-going maintenance projects, such as monitoring a privacy inbox, require a monthly retainer.

DISCLAIMER: We are not lawyers, nor a law firm, and do not engage in the practice of law. Simon Wynn Consulting cannot and does not provide legal advice or legal representation. The guidance contained in this article is not intended to be a substitute for a lawyer or professional legal advice.