Personal Data Protection and Privacy
Personal data is a valuable, desirable, and vulnerable asset and the main capital of certain companies. Among other technological areas, new technology development, e-commerce, social networks, Big Data, the Internet of Things (IoT), artificial intelligence, and online advertising pose great challenges when protecting people’s personal data and their privacy.
The regulations on data protection in Ecuador are new, since the Organic Law on Personal Data Protection, inspired by the European GDPR, entered in force on May 26, 2021. There is a long way to go, but we are prepared to guide our clients in compliance with regulations.
This regulation establishes a variety of incentives for companies that comply with its standards within the deadlines set. We support our clients in preparing for the issuance of the new law in a timely fashion, especially by verifying the use they currently give to the personal data of their clients, employees, associates, and suppliers.
AVL’s professionals are trained in data protection under the European General Data Protection Regulation and the growing Ecuadorian regulations.
When driving a car aided by a mobile application that measures traffic in real time, when buying something through a cell phone, when listening to music or watching movies with a streaming app, our data is being analyzed by complex algorithms for statistical and commercial purposes.
The use of personal data in this environment generates challenges and risks that we help our clients to detect and neutralize.
Modern companies have a person in charge of data protection and privacy. We advise these officers (DPOs) on their internal tasks, especially regarding preventive analysis, and provide them with ongoing training to fulfill their delicate role.
Compliance with local and international data protection regulations should be a priority for companies, especially those that collect sensitive data. Failure to comply with regulations could lead to serious contingencies for businesses. We help to minimize these risks by conducting preventive audits.
Digital and online marketing can violate people's rights if the appropriate measures are not taken. Among such measures, defining privacy policies, obtaining consent for the use of data, proper use of databases, and leak-prevention and detection are essential. In particular, consumer data collection for profile and market analysis used to contact consumers with products customized to their needs can raise a number of legal questions.
- Implementing data protection and consumer defense policies to protect companies entering into nationwide and international e-commerce activities in the auto parts sales and distribution sector.
- Structuring documents for promotional activities by a major beverage company involving raffles, activation campaigns, and the collection of certain personal data of participants. We worked out a plan to fully protect the company from any action regarding the data collected and the databases generated.
- Drafting of terms and conditions, privacy policies, treatment of cookies, and legal notices, including several documents involving data protection for a client that markets a variety of mass consumer products. We supported their changeover to a primarily e-commerce focus, with product sales by web catalog.