Christine Mastromonaco

Experience

• Drafted U.S. and California privacy policies, cookie policies and internal procedures for responding to CCPA data requests for a parent corporation and its various subsidiaries. Such procedures detailed the protocols for responding to consumer and employer CCPA requests, including verification of consumer identity, designation of a response team and training of key personnel, grounds for denying a consumer request, methods of delivery of consumer data pursuant to a verified request and the necessity of keeping confidential personal information belonging to consumers other than the requesting party.
• Advised Fortune 500 energy company regarding the applicability of CCPA/CPRA to its subsidiary under the statute’s common branding provision.
• Counseled international cruise and hospitality company on GDPR and CCPA/CPRA risk with respect to SMS and email marketing campaigns.

Marketing and AdTech Advice

• Advised consumer products company on the privacy considerations under various state laws regarding the launch of a "refer-a-friend" marketing campaign wherein a consumer would receive a discount in exchange for providing the client with the name and email address of a friend.
• Counseled medical device company on the privacy, HIPAA and TCPA considerations in sending SMS appointment reminders and marketing materials related to lapiplasty surgery health services.
• Advised clients in various sectors regarding the use of cookies and other online tracking technologies, including the development of cookie notices.

Regulatory Compliance

• Advised asset management firm in its acquisition of an online pharmacy. Conducted due diligence with respect to the target company’s privacy program including internal review of CCPA and HIPAA policies and procedures.
• Drafted U.S. and California privacy policies and cookie policies for a national food distribution corporation and its various subsidiaries as well as internal procedures for responding to CCPA data requests, which included issues concerning verification of consumer identity, designation of a response team and training of key personnel, grounds for denying a consumer request, methods of delivery of consumer data pursuant to a verified request and the necessity of keeping confidential personal information belonging to consumers other than the requesting party.
• Developed online privacy policies, online terms of use and HIPAA compliant practices for videoconferencing for mental healthcare client.
• Represented clients in a variety of sectors including food and beverage, manufacturing, management consulting and telehealth in the negotiation of DPAs.

Data Strategy and Product Counseling

• Advised cruise ship company in the cross-marketing of its services via text message and email campaigns to customers of its European subsidiary. Provided counsel regarding the implications under the CCPA, GDPR and TCPA with respect to sharing personal information between parent and subsidiary and the disclosure of personal information to marketing vendors.
• Counseled digital payments company on the wording in their user flow and cookie policy in anticipation of the company adopting a digital tracking technology which enables their app to remember the user's external banking and account information, thereby eliminating the need for the user to enter their third party bank information each time they used the app.