Privacy & Data Protection

Helping clients navigate privacy issues.

Bereskin & Parr’s Privacy & Data Protection practice group supports businesses by navigating increasingly complicated issues arising from the collection, use and disclosure of personal information. The law on privacy is rapidly changing in response to emerging technologies that have evolved the traditional use of personal data and we keep our clients apprised of these changes. We understand that data is often among a company’s most valuable assets and our team can help by giving practical advice tailored to your business. Our team also has experience in related areas of law, including trademark, copyright and digital media, patenting, consumer protection and regulatory compliance matters.

We can assist at every stage of the privacy process to help clients meet their obligations and requirements under federal and provincial privacy protection laws. At the outset, we can work with companies to implement internal procedures, prepare individualized privacy policies, and assist with data mapping, all of which aim to enhance the user experience, provide better transparency, and protect the company. We assess the privacy implications of existing products and services and assist with compliance measures as well as help companies understand how to develop new products and services while keeping privacy considerations at the forefront.

In addition to proactive preparation, we help clients react to and manage data breaches and cybersecurity incidents by advising on legal requirements associated with notification to regulators, affected consumers and third-party organizations.

We have trusted associates in jurisdictions throughout the world with whom we collaborate on privacy matters, with a view to global compliance.

Our Services

The following is a list of services that members of our Privacy, Cybersecurity & Data Protection team can provide:

• Advise clients on compliance with Canadian provincial and federal privacy legislation including the Personal Information Protection and Electronic Documents Act (PIPEDA), Alberta’s Personal Information Protection Act (AB PIPA), BC’s Personal Information Protection Act (BC PIPA), and Quebec’s Act Respecting the Protection of Personal Information in the Private Sector (Quebec’s Private Sector Act).
• Prepare privacy policies, consent documents and notices.
• Help implement internal privacy procedures and policies to comply with privacy laws, including retention policies and employee training.
• Provide opinions on the collection, use and disclosure of personal information, including assisting with data mapping exercises and conducting privacy impact assessments.
• Assist with incident response plans and advise management teams on best practices and legal duties.
• Assist clients’ response to investigations and complaints filed with regulatory bodies.
• Help manage data breaches, including assisting with reporting to regulatory bodies and affected individuals.
• Prepare or review third-party service provider agreements to ensure privacy compliance.
• Advise clients on compliance with Canada’s Anti-Spam Legislation (CASL).