Download PDF

Professional Experience

  • Strong Execution & Leadership
  • PIA & DPIA specialized
  • US & Canada Privacy expert
  • Excellent Communication Skills
  • GDPR & Latin America Expertise
  • Extreme Attention to Detail
  • Problem-Solver
  • Strong Relationship Management 
  • Resolves Complex Issues  
  • Leader
  • Expert in Compliance Standards
  • Efficient Time Management
  • Analytical Negotiator
  • Confidentiality

Projects and Achievements

  1. Privacy Compliance Advisory for UKG Customers: Delivered expert advisory services on GDPR, PIPEDA, and various US state privacy laws to ensure customer compliance.
  2. Express Privacy Impact Assessments: Led Express Privacy Impact Assessments within internal teams, identifying and mitigating risks related to DSAR non-compliance.
  3. Privacy and AI Compliance Training Initiatives: Initiated and conducted comprehensive training and awareness programs on emerging regulations, including the EU AI Act, Colorado AI Act, GDPR, and CCPA, across multiple teams at UKG.
  4. Development of Privacy Best Practices: Created detailed privacy best practices guides, quick reference materials, and compliance infographics to enhance training and communication with customers and associates.
  5. Data Processing Addendums (DPA) for Nasdaq: Successfully coordinated and completed the execution of Data Processing Addendums (DPA) with 850 vendors, ensuring compliance with the Standard Contractual Clauses (SCC) deadline.
  6. Privacy Impact Assessment for a Large Charity: Conducted a comprehensive Express PIA for a major charity, identifying potential non-compliance risks with privacy regulations across various continents.

Work experience

UKG
2023-052024-07

Compliance Research Advisor

In charge of reviewing internal teams, customers and vendors' compliance with privacy and AI regulations. Delivering Training and Awareness on data protection and AI compliance to internal teams. Results: Privacy research and updates for 46 countries worldwide.

Nasdaq
2022-102023-04

Data Privacy Consultant

Working at Nasdaq Privacy Team. In charge of reviewing agreements with Nasdaq and vendors. Executing Data Processing Addendums (DPA) to comply with GDPR data transfer enforcement between parties. Negotiating with vendors to complete the Standard Contractual Clauses (Schrems II) assessment about data transfers and Transfer Impact Assessments (TIA). Running OneTrust SCC questionnaire on vendors. Project execution accomplished. Results: 850 DPAs were signed.

MorganFranklin Consulting
2022-092024-03

Senior Consultant, Strategy and Risk

Senior Data Privacy Consultant. GDPR, CCPA, LGPD, State Regulations, Federal Regulations, Standard Contractual Clauses, Latin American Regulations. Research and analysis of regulations applicable to clients' Data Privacy Programs. Technical reports. Data Processing Addendums (DPA). Contracts and Agreements' Reviews. OneTrust. DPA negotiation between parties. Reference Guides and Privacy Frameworks. Transfer Impact Assessments (TIA), PIA, DPIA.

Meridian PDP, Weston, US
2018-082022-09

Data Protection & Privacy Consultant

Durand & Associates, UY
2011-012018-08

Data Privacy Associate Attorney

  • Drafted, reviewed, and negotiated contracts (non-disclosure agreements, customer services agreements, and vendor engagements) involving technology, privacy, cyber security and data.
  • Provided support on the monitoring of changing data protection and data governance laws and regulations on a global basis; advocating legal assistance to key stakeholders across several issues.
  • Reviewed projects and  initiatives involving technology affecting global functions that have cross border implications and worked with partners to develop a strategy and address potential risks.
  • Conducted internal, third-party, and Privacy Impact Assessment reviews; tracking and supporting remediation activities.
  • Updated data protection documentation and guidelines; documenting processes and process amendments as required by regulations.

Skills

Word
Legislation
Strict Confidentiality
Leads the Team
Colorado AI Act
EU AI Act
Law 25
Analytical Negotiator
PIPEDA
Efficient Time Management
Efficient Time Management
Privacy Leader
OneTrust Certified Privacy Professional
Risk Management Framework
Risk Minimization
CIPP/US
Privacy by Default
Previous Consent
Opt-in Specialist
Opt-out Specialist
Universal Consent
Privacy by Design (PbD):
GDPR Privacy by Default
Data Discovery
Data Mapping
Data Classification
Leadership
Efficient Time Management
Attitude. Self Motivated
Analytical Negotiator
AI Compliance
Data Protection Compliance
Privacy Compliance
US & Canada Privacy
Privacy and Data Protection: HIPAA
GDPR & Latin America
Legal Research
Cybersecurity
Documentation
Contract Negotiations
Project Management
Microsoft Office
Excel
Power Point

Education

University of Zaragoza
2007-022013-09

Ph.D.

Ph.D., Philosophy of Law - Data Protection (2013)  - University of Zaragoza, Spain. Excellent Cum Laude Graduated.

University of La Republica (UdelaR)

J.D.

J.D., Juris Doctor (2002) - University of the Republic, Uruguay

Certifications

  • CIPP/US, Certified Information Privacy Professional
  • OneTrust Certified Privacy Professional
  • Project Management Professional
  • GDPR DPO 180 Certified

Languages

English
Spanish
Portuguese

Summary

Experience implementing privacy programs, corporate, and municipal compliance.

Data protection, PIPEDA, GDPR, US States, LATAM, APAC, DPF, DPIA, TIA.

OneTrust modules, BigID modules, DPAs, RoPA, AI Assessments based on EU AI ACT and Colorado AI Act.

Establishing cross-functional, practical GRC and AI compliance approaches that fit company culture and business goals while achieving process improvement systems.

More than 20 years of work experience in data protection, Privacy, and risk.

Senior Consultant and Privacy Leader specializing in Data protection, PIPEDA, GDPR, US

States, LATAM, APAC, DPF, DPIA, TIA.

OneTrust modules, BigID modules, DPAs, RoPA, AI Assessments based on EU AI ACT and

Colorado AI Act establishing cross-functional, practical GRC and AI compliance

approaches that fit company culture and business goals while achieving process

improvement systems.

I have a PhD in data protection from Universidad de Zaragoza, and I am certified by

OneTrust and CIPP/US, the global standard for privacy professionals.

I have also authored multiple publications on data protection principles, standards, and

compliance.

Publications