Tom is the founder and Senior Consultant at Apex Privacy, a straight-talking GDPR compliance firm that crafts bespoke data protection programmes for your business and specialises in helping SaaS companies get GDPR compliant. Tom is an experienced data protection officer and legal compliance consultant specialising in IT, Finance and Health. He has a proven track record in delivering business-centric legal compliance initiatives across Europe, Asia and the US, making him an international expert with extensive experience in the international transfer of data.
He acts as Data Protection Officer for SaaS, Healthcare and IT companies spanning Ireland, US, UK, Switzerland and Australia.
His experience includes working on global regulatory compliance projects for the likes of JP Morgan and Citi Bank as well as AIB within Ireland.
Tom is also the host of “The Data Privacy Podcast” where they explore the best privacy methodology and practices within leading businesses.
During this interview we cover:
00:00 - Intro
01:29 - Background, Past Ventures & Idea & Problem To Solve With Apex Privacy
06:10 - What Constitutes Personal Data & Why It’s Important
08:39 - At What Point Should SaaS Founders Create a GDPR Compliance Program
13:07 - What Does an Audit Entail and Typically Look Like
15:30 - Biggest Changes Happening in Data Management (US vs EU)
19:57 - Risks for More Regulated Businesses or With More Confidential Data
25:46 - The Data Processing Agreement for SMBs in the SaaS Industry
29:17 - Machine Learning & Personal Info, Am I Protected?
31:59 - GDPR in the International Context & Schrems II
36:17 - Risk Assessment on Data Management for SaaS