|Event Date||Wed Feb 26 EST (almost 2 years ago)|
The EU’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA) impose new data privacy obligations and restrictions, at times with extra-territorial scope. Violations of these laws can result in serious liability for U.S. companies even after a merger or acquisition has occurred. Even so, many U.S. companies have not come into full compliance with the GDPR an CCPA, which can result in new liabilities and risks during M&A deals. This topic helps the persons involved on buyer and seller sides of M&As understand the applicability of the GDPR and CCPA to U.S. companies and how to incorporate data privacy compliance into M&A preparation and due diligence. The material also explains how data privacy risks can be addressed in relevant M&A documentation and post-deal integration and system management. As data privacy regulators enforce these new laws and individuals become more familiar with their new data privacy rights, this information is critical for businesses to ensure that their M&A processes protect parties from inadvertent noncompliance.
• You will be able to describe the GDPR and CCPA obligations and restrictions that are most likely to pose issues during mergers and acquisitions.
• You will be able to identify identify risk areas for on the buyer and seller side of a deal and describe how those risks could be addressed before, during, and after a deal.
• You will be able to recognize when a company may be subject to the GDPR or CCPA.
• You will be able to explain the types of transitional services and processes that will be needed to preserve relevant data privacy documentation and controls for post-deal compliance purposes.
Associate Attorney, GKG Law, P.C