Tillage: Privacy/Security/Compliance Consulting

Services

Document personal data receipt and use

Create GDPR Article 30 ROPAs

Develop data flow diagrams

Assess data controller vs. processor roles

Roster vendors and subprocessors that have access to your personal data

Support privacy policy and notice drafting

Craft privacy request procedures

Implement cookie management solutions

Program data retention schedules

Advise on consent design

Consult on security controls

Arrange vendor data processing addendums

Conduct privacy impact assessments

Implement privacy and GRC software

Establish governance models and KPIs

Support privacy/security due diligence

Handle data deletion, access, etc. requests

Help with vendor vetting

Perform periodic data inventorying

Ongoing cookie management maintenance

Orchestrate training and privacy-by-design

Help with regulatory monitoring

Modify privacy/security practices and artifacts as the business and requirements change

GDPR and other international standards

SOC 1/2 and ISO 27001

EU-U.S. Data Privacy Framework

CCPA and other U.S. state privacy laws

ISO 27701 and ISO 28018

COPPA and Age-Appropriate Design Codes

HIPAA, GLBA, and other sectoral laws

AI/ML, IoT, adtech, and other technologies