Theodore Kinch

Gap, Inc. is one of the world's leading retailers, boasting over 140,000 employees and $16B in annual revenue. As a member of the Privacy team, I advise on developments in privacy law to all of Gap Inc's brands in all markets. Responsibilities: • Advise Marketing, IT, eCommerce, HR, and Corporate Operations teams on compliance obligations under US and international privacy regulations including GDPR, CAN-SPAM, TCPA, CCPA, CASL, China’s CSL and others. • Draft consumer and corporate privacy policies reflecting digital operations around the globe. • Develop and advise on privacy operations program for the lawful collection and use of customer data, fulfillment of data access requests, record of processing tracking, and DPIAs. • Implement privacy monitoring program to proactively diagnose and remediate issues. • Partner with Information Security to review security policy, document compliance efforts, run security assessments, and remediate issues. • Maintain data incident response plan and conduct tabletop trainings with key business partners. • Collaborate with Commercial Legal, Information Security, and Procurement teams to manage risks associated with adoption of third party technology by reviewing vendor disclosures, drafting and negotiating data processing agreements, and advising on product setup. • Partner with Internal Audit and serve as attorney of record for multiple privacy and security related audits. • Manage data incidents and respond to regulators as necessary. Key Accomplishments: • Drafted corporate policies to standardize Gap’s collection and use of customer data through various channels including ecommerce, mobile, stores, and social media. • Conducted assessment of HIPAA security compliance obligations, drafted policy revisions and advised key business partners on the same. • Partnered with Gap’s China Legal team to build CSL compliance program, including both privacy and security related assessments and remediation efforts.

NationBuilder is a platform for leaders. Our comprehensive CRM/CMS software combines websites, databases, data analytics, and communications tools, which allow our customers to create meaningful and lasting connections and understand their impact on the world. Managed legal affairs as the sole in-house counsel for an Andreessen Horowitz backed, pre-IPO technology company with $40M in funding. Advised NationBuilder’s Board of Directors on US and international corporate matters involving financing, entity structuring, corporate governance, risk management, data privacy, security, employment, intellectual property, and litigation. Oversaw legal negotiations for enterprise sales and business development teams involving NationBuilder’s core customers, which include Fortune 500 companies, large brands, NGOs, and political campaigns. Successfully negotiated $15M in enterprise level SaaS agreements by collaborating with sales, support, and product teams. Managed corporate data privacy program by advising product, engineering and sales teams on US and international data privacy laws, including TCPA, HIPAA, COPPA, EU-US Privacy Shield, EU Privacy Directives, Australian Privacy Principles, and others. Responded to customer, government, and public inquiries regarding product compliance, data subject issues, and corporate registrations. Developed NationBuilder’s security program by collaborating with operations, HR, and engineering teams to implement technical, administrative, and physical security measures. Drafted disaster recovery and incident response policies. Trained employees on procedures during security incidents. Managed law enforcement inquiries as necessary. Managed international operations in Canada, Ireland, and Australia. Advised senior management on creation and maintenance of corporate subsidiaries to expand sales and engineering teams, protect intellectual property, and store customer data abroad.

Provided expert analysis of litigation materials surrounding patent, trademark, copyright, licensing, and employment cases for Google and subsidiaries. Improved user productivity 30% with scripts and coding that automated elements of two (2) flagship proprietary eDiscovery applications, Relativity and Recommind.

Gained deep practical experience in international corporate development with this globally distinguished law firm. Managed a team of 6 paralegals in BAL's global development practice. Increased team performance by analyzing and restructuring workflows and client assignments. Improved team moral and client satisfaction through individualized communications training for team members. Acquired extensive knowledge of regulatory compliance (corporate immigration registration, FCPA anti-bribery regulations, government-mandated foreign worker quotas, and immigration record keeping). Realized positive immigration audits/pre-audits/mock audits for Fortune 500s in 20+ countries, including Canada, Dubai, Gabon, Indonesia, Kazakhstan, Malaysia, South Africa, and South Korea. Managed $8M in client revenue and created 10% gains in team efficiency by overhauling immigration processing operations on global program.

Capitalized on knowledge of corporate transactional law to establish specialty law firm. Solved complex legal issues for regional businesses involving founder’s agreements, entity creation, executive compensation, securities registration, employee stock option plans (ESOPs), employment law, and intellectual property (IP). Proved critical in launching dozens of businesses and obtaining large funding rounds for clients, as well as structuring and negotiating multimillion-dollar, international licensing deals between large corporations. Solved several corporate securities issues, drafted founder’s stock agreements, stock purchase and sales agreements, employee stock plans/pools, and 83(b) tax elections. Contract drafting and negotiations included service level agreements (SLAs), one-time and ongoing software development agreements, software licensing agreements, and user data-sharing agreements. Client IP protection: registered trademarks and copyrights with USPTO and USCO, ensured full website terms of service, privacy policies, user agreements, online purchase and sales agreements, as well as online browse-wrap and click-wrap agreements for eCommerce businesses. Employment law: improved employee relations and staff morale by counseling companies on employee hiring, foreign national filings (H-1B & O), employee handbooks, disciplinary measures, and compliance under OSHA, Cal-OSHA, FEHA, and the ADA.