CLIENT SPOTLIGHT: Grillo's Pickles

If you haven't been to the Grillo's Pickles website, you should. There, you'll find the fantastic story of how this company began. We've copied part of it here to save you a click.

Grillo's Pickles began with a pickle cart, just a small wooden stand in downtown Boston, where Travis Grillo and his friends would sell two spears for one dollar. Travis would make the pickles by night using his family's 100-year old recipe - one he'd memorized from making pickles every summer as a kid. In the morning, Travis would bike to the Boston Common and set up the cart with his buddies. They'd hang out all day, urging people to try the simple Grillo family pickle. It was a small business but Travis worked hard for it. He made more pickles, biked more miles, and slept less hours than he ever had before.
Read More..

CLIENT SPOTLIGHT: Factory Five Racing

Factory Five Racing was founded in 1995. Over the years they have grown from a start-up business in a small garage to become the world's largest manufacturer of "build-it-yourself" component car kits. They employ a full-time crew of about 40 people, and are located in Wareham, Massachusetts (about an hour south of Boston). They make their products right here in the USA, in the heart of New England where American manufacturing was born.
Read More..

CLIENT SPOTLIGHT: Luca + Danni

Fred and Danny Magnanimi grew up watching their father create beautiful, handcrafted jewelry in the family's Cranston, RI jewelry manufacturing business. When the boys grew up, Fred moved to New York and began working on Wall Street as an investment banker, while younger brother Danny, still enamored by the family business, stayed home. Increased competition from overseas businesses created significant challenges for the business, but Danny was confident he could find a way for the family business to evolve and thrive. This was his mission, this was his passion.
Read More..

PROFESSIONALS

    Services

      Others

        No results found. Please try using a different keyword.
        See all

        Naveed Cheraghchi & Brian Reilly: The Future of Privacy Legislation

        With the start of the New Year comes the enforcement of one of the country’s most anticipated pieces of legislation, the California Consumer Privacy Act (CCPA). In many ways, the CCPA is similar to its European counterpart, the General Data Protection Regulation (GDPR). This edition of Three Things provides a reminder of what businesses can do now to begin the process of complying with both the CCPA and GDPR.

        1. DATA COLLECTION Both CCPA and GDPR restrict the collection of data that can be traced back to the individual, known as personal data/information. To be subject to the CCPA, a company must do business in California and meet at least one of three criteria: (1) have a gross revenue greater than $25 million; (2) annually buy, receive, sell, or share the personal information of more than 50,000 California residents, households, or devices for commercial purposes; or (3) derive 50 percent or more of its annual revenue from selling California residents’ personal information. The GDPR applies to data controllers and processors that are (1) established in the EU and process personal data in the context of their activities, regardless of whether the processing takes place in the EU; or (2) not established in the EU that process personal data in connection with offering goods or services in the EU, or monitoring their behavior. Regulated businesses must aggregate or anonymize data so that consumers can’t be identified through the collected information. Additionally, the regulations require businesses to inform consumers what kind of data is being collected and the purposes for the collection.

        Action: Businesses should conduct a data inventory of all of the personal information that they collect and ensure that data is unidentifiable.

        2. DATA PROTECTION Neither CCPA nor GDPR states the specific security measures that must be implemented by companies. Instead, the CCPA establishes a way for consumers to sue companies for data breaches when the companies don’t meet their duty to implement and maintain reasonable security practices, and the GDPR requires businesses to take measures proportional to the security risks. Importantly, consumers have a right of access under both the CCPA and GDPR, which means businesses must be able to inform consumers exactly what information the business has collected, and how that information is being processed. Businesses must also be aware that consumers have a right to opt-out. Under the CCPA, consumers have an absolute right to opt-out of the sale of their personal data. The GDPR has an exception from opting-out if there are legitimate grounds for the data processing, but otherwise consumers can opt out of any processing of their data, not just its sale.

        Action: Businesses must ensure that they have written contracts with any service providers they may share the data with. If not, they could face penalties if the service provider fails to comply with the applicable regulation. Businesses should also update their privacy policies and procedures with these data protection standards in mind; in Massachusetts, this includes implementing and abiding by a written information security policy.

        3. DISPOSAL OF DATA Businesses must also be wary of consumers’ right to deletion under both the CCPA and GDPR. The CCPA’s right to deletion is broad, but subject to a few exceptions. Under the GDPR, consumers can request deletion only if the request meets one of six criteria. Both the CCPA and GDPR also require businesses to instruct downstream data recipients to delete the data as well.

        Action: To meet these requirements, businesses should implement a consumer self-service model to assist in handling deletion requests. The same model could also be used to facilitate right of access and opt-out requests.

        For a shareable version of these Three Things, click here