top of page

Janet Lynch

Principal - Data Privacy

Janet is an experienced Privacy Practitioner and Lawyer who delivers pragmatic, strategic and business-minded data protection advice to clients in Ireland, the United Kingdom, USA and the Middle East. Being business focused, Janet understands how companies can use and leverage data to achieve business objectives whilst remaining ethical and compliant in their use of that data.

  • LinkedIn

Contact

+353 87 277 3671

Experience

CROSS BORDER DATA TRANSFERS
 

  • Designing solutions for cross border transfers, SCC (Schrems II), IDTAs and derogations.
     

  • Coordinating and updating intra-group agreements, transfer impact assessments (TIAs), updating of SCC contractual clauses and public authority request procedures.
     

  • Supported the Chief Privacy Counsel and DPO (global telecom provider), in developing the groups privacy governance framework and cross border transfer strategy. The Group globalised (100+ territories) their privacy program in preparation for BCR approval.
     

  • Collaborated with internal legal teams to pre-empt their customer’s queries into an FAQ bible of responses regarding (processor) technical and organisational measures where clients provided cross border support.
     

  • Coached internal legal teams on operationalising tailored customer transfer solutions.
     

  • Customer communication and migration from SCC to BCR based data transfers.

EMPLOYMENT / HUMAN RESOURCES SUPPORT

  • Experience in consumer privacy, digital advertising, analytics, as well as information security policies and standards, including incident response, anonymisation/pseudonymisation of data, data governance, and other enterprise and employee privacy and security issues.
     

  • Working with employment teams (globally) on privacy/employment queries, including policies, whistleblowing solutions, internal investigations, employee monitoring, use of biometric data, clock in systems, and diversity and inclusion programmes.


STRATEGIC PLANNING AND COMMUNICATIONS
 

  • Experience interfacing with regulators globally and responding to investigations.
     

  • Partnering with key internal stakeholders in executing their privacy strategy across advertising, media, communications, and technology and collaborate in the design and ongoing update of public-facing privacy policies, standards, and procedures.
     

  • Conducted cross-border data privacy surveys for clients, both to review their existing processes and procedures and to help set up new ventures.
     

  • Supporting the commercial teams (globally) in drafting and negotiating privacy related contracts, data processing agreements and customer facing privacy affirmations.

PRIVACY / GOVERNANCE

  • Experience designing global privacy frameworks for a diverse network of clients in different sectors such as Ryanair (aviation), Bulb UK (energy), Nokia Group (telecom), Dunnes Stores (retail), and for public and private sector clients.
     

  • Operational experience designing and reviewing, data protection gaps and maturity assessment, data mapping and classification, data protection impact assessment (DPIA), records of processing activities (RoPA), Data Subject Access Request (DSAR), Privacy by Design (PbD) and registration requirements.

MARKETING AND PRODUCT DEVELOPMENT
 

  • Collaborating with key business areas to ensure data privacy issues are considered at the outset of new projects, products, and initiatives.
     

  • Assisting product lawyers, product managers, and engineers, in evaluating the impact of privacy laws, regulatory guidance and enforcement actions, and other related guidelines on product features.
     

  • Advising technical and business development teams on legal risk from the initial stages of product development, through launch, to market strategy.
     

  • Knowledgeable in consumer protection issues in the digital environment, security, IP law, platform liability, marketing and advertising law, and information policy.

Credentials

ADMISSIONS AND QUALIFICATIONS​​

  • Ireland

  • England & Wales

  • New York

EDUCATION

  • Certified Information Privacy Professional (CIPP E, A, US, and CIPM)

  • Diploma in Commercial Contracts, Law Society of Ireland

  • Diploma in Corporate Governance, Risk, Compliance, Law Society of Ireland

  • Master of Laws LLM, University of London

bottom of page