Data Protection, Policy & Cybersecurity

At Waziri Omollo & Company Advocates, we offer curated legal services by advising our clients on the developments in the cyber security sector and the data protection laws at the National level, regional and international level.
We are exceptionally well positioned to take care of all challenges associated with data including preparation of data protection policies, GDPR compliance, drafting of privacy agreements and advising on data subject rights.
We advise on a variety of matters, including:
 Assessment and management of data privacy and cybersecurity risks and liabilities in corporate and financial transactions, including due diligence in M&A transactions, data transfers in cross-border acquisitions, and restructuring.
 Compliance with data protection laws and regulations in multiple jurisdictions, including, the Data Protection Act, the EU General Data Protection Regulation (GDPR), the Banking Act, and anti-money laundering and related requirements.
 Board fiduciary duties, required disclosures, and related corporate governance issues.
 Preparing for and responding to cyber-security incidents, including advice under various data breach notification laws and liaising with law enforcement and regulatory bodies.
 Assistance with internal investigations and in responding to government requests for information and Court Orders.
 Assessment and drafting of IT and privacy policies, codes of conduct, policies, binding corporate rules, and data transfer agreements.
 Privacy and cybersecurity provisions in vendor contracts, including cloud computing and outsourcing agreements.
 Advice on usage of data in marketing, including opt-out and opt-in mechanisms in relation to placement of cookies and consents.