Summary
Overview
Work History
Education
Skills
Leadership Experience
Timeline
Generic

Denis Nolasco

New York City,NY

Summary

Regulatory Compliance, AI, Data Privacy, Cybersecurity, and User Safety Lawyer with 7+ years of experience. Skilled in developing policies and managing cross-functional teams to execute ethics and corporate compliance programs.

Overview

7
7
years of professional experience

Work History

Regulatory Compliance, Government Affairs, and Privacy Counsel

Nextdoor
12.2024 - Current
  • Design process, risk assessment, controls, and systems to ensure company's regulatory adherence with AI, data privacy, online safety, and consumer protection regulations.
  • Support executive advisory sessions and workshops to inform enterprise online safety and AI regulatory frameworks to mitigate safety risks and ensure legal adherence.
  • Spearhead constructive legislative engagement strategy for relevant laws to advocate for a risk-based approach, minimize legal cost, and enable innovation.

Policy Compliance Manager

Spotify
06.2021 - 12.2024
  • Spearheaded, implemented, and managed systems, processes, and policies to ensure Spotify's compliance with the EU AI Act, Digital Services Act (DSA), UK Online Safety Bill, and online governance regulations in Latin America.
  • Drove, along with Spotify's Government Affairs team, influencing new privacy, artificial intelligence, and user safety regulations through legislative advocacy campaigns.
  • Led cross-functional teams in conducting product trust assessments and enabling over 20 successful product launches through effective risk mitigation strategies.
  • Drafted and integrated enterprise user communication into the workflow to uphold data subject rights, delivered comprehensive information about company content moderation decisions, and established an appeal mechanism.

Legal Advisor

Access Now
12.2020 - 06.2021
  • Advised internal teams on economic sanctions and their impact on technological device donations.
  • Led cross-functional teams to embed Privacy by Design (PbD) principles to mitigate against high-risk activities; conducted Records of Processing Activities (ROPAs), cookie audits, and Data Protection Impact Assessments (DPIA).
  • Spearheaded the General Data Protection Regulation (GDPR) initiative, enhancing efficiency in regulatory risk management, internal controls, and monitoring procedures for operations exceeding USD$14 million.
  • Created, managed, and addressed DSAR processes for all global Access Now users reducing regulatory risk by 85%.

Privacy Counsel

MongoDB
04.2020 - 11.2020
  • Advised on cybersecurity incidents by evaluating regulatory risks, identifying notification obligations, drafting communications, and collaborating with cross-functional teams to address root causes.
  • Managed privacy compliance programs for California Consumer Privacy Act (CCPA), Brazil Data Protection Regulation (LGPD), and GDPR.
  • Spearheaded Schrems II due diligence and devised new supplementary measures for data transfer to enhance data protection, including encryption, pseudonymization, and tailored contractual clauses that specifically address government access to data. Reduced client inquiries by 60%.

Vice President Data Privacy

Bank of New York Mellon
07.2018 - 03.2020
  • Drove privacy governance frameworks to manage data use, including developing data privacy inventories for 4.45+ billion business to achieve compliance with Personal Information Protection and Electronic Document (PIPEDA), LGPD and CCPA.
  • Advised the project and sales team on the deployment of an AI fraud detection product, integrating principles of data minimization and conducting data protection impact assessments and mitigated exposure to biometric privacy laws by 80%.
  • Advanced enterprise risk management by creating data privacy M&A due diligence into a company-wide M&A process to ensure that BNY Mellon mitigated data privacy risks prior to purchasing new business units.
  • Trained over 200+ stakeholders on data privacy obligations.

Education

LLM - European Union Law

UNIVERSITE PARIS II PANTHEON- ASSAS
Paris, France
05.2017

Juris Doctor - Law

FORDHAM UNIVERSITY SCHOOL OF LAW
New York, NY
05.2017

Bachelor's - Political Science

BARUCH COLLEGE, CITY UNIVERSITY OF NEW YORK
New York, NY
05.2008

Skills

  • CIPP/EU/US/C
  • Regulatory compliance
  • Privacy by design
  • Data governance
  • CIPP/AIGP (expected August)
  • Data Privacy
  • AI Governance

Leadership Experience

  • Women.NYC, Mentor
  • America Needs You, Mentor Coach
  • IAPP, Member

Timeline

Regulatory Compliance, Government Affairs, and Privacy Counsel

Nextdoor
12.2024 - Current

Policy Compliance Manager

Spotify
06.2021 - 12.2024

Legal Advisor

Access Now
12.2020 - 06.2021

Privacy Counsel

MongoDB
04.2020 - 11.2020

Vice President Data Privacy

Bank of New York Mellon
07.2018 - 03.2020

LLM - European Union Law

UNIVERSITE PARIS II PANTHEON- ASSAS

Juris Doctor - Law

FORDHAM UNIVERSITY SCHOOL OF LAW

Bachelor's - Political Science

BARUCH COLLEGE, CITY UNIVERSITY OF NEW YORK

Similar Profiles

  • Valencia WeaverValencia Weaver

    <ul> <li>Hours per week: 40.</li> </ul> <p><strong>Duties, Accomplishments, and Related Skills:</strong></p> <ul> <li>Supervise and coordinate daily administrative workflows for a team of 15 employees, ensuring timely task execution, adherence to protocols, and consistent performance monitoring.</li> <li>Maintain accurate records and documentation related to property intake, detainee processing, transportation, and deportation; verify and audit files to ensure regulatory compliance, and data integrity.</li> <li>Execute high-volume data entry (up to 8 hours per day), including the entry of case notes, customs documentation, custody logs, and internal reports into secure federal databases.</li> <li>Develop, review, and edit administrative reports and forms for internal use and government audits; ensure completeness, accuracy, and policy alignment.</li> <li>Serve as the primary liaison between facility staff, supervisors, and stakeholders; facilitate clear, professional communication, and documentation flow across departments.</li> <li>Identified discrepancies in data entries and corrected them accordingly.</li> <li>Oversee inventory control processes, including the secure receipt, tracking, and storage of personal property, using standardized procedures and government tracking systems.</li> <li>Conduct routine audits and quality control reviews to ensure that administrative practices meet federal operational standards.</li> <li>Apply sound judgment to evaluate options, solve problems, and make informed recommendations on administrative and operational matters, contributing to efficient workflow management, and compliance with agency standards.</li> <li>Assist in developing and revising privacy and security policies concerning Personally Identifiable Information (PII); identify potential compliance risks, and recommend solutions.</li> <li>Coordinate logistics for detainee transportation to court and medical appointments, manage schedules, and track movement through detailed administrative planning.</li> <li>Conduct roll calls, and ensure accountability through diligent documentation, system updates, and status reporting.</li> </ul> <p>Supervisor: Scott Jackson (949) 456-2706.</p> <p>Permission to contact: Yes.</p> at ProTech USA LLC, Government Contracting<ul> <li>Hours per week: 40.</li> </ul> <p><strong>Duties, Accomplishments, and Related Skills:</strong></p> <ul> <li>Supervise and coordinate daily administrative workflows for a team of 15 employees, ensuring timely task execution, adherence to protocols, and consistent performance monitoring.</li> <li>Maintain accurate records and documentation related to property intake, detainee processing, transportation, and deportation; verify and audit files to ensure regulatory compliance, and data integrity.</li> <li>Execute high-volume data entry (up to 8 hours per day), including the entry of case notes, customs documentation, custody logs, and internal reports into secure federal databases.</li> <li>Develop, review, and edit administrative reports and forms for internal use and government audits; ensure completeness, accuracy, and policy alignment.</li> <li>Serve as the primary liaison between facility staff, supervisors, and stakeholders; facilitate clear, professional communication, and documentation flow across departments.</li> <li>Identified discrepancies in data entries and corrected them accordingly.</li> <li>Oversee inventory control processes, including the secure receipt, tracking, and storage of personal property, using standardized procedures and government tracking systems.</li> <li>Conduct routine audits and quality control reviews to ensure that administrative practices meet federal operational standards.</li> <li>Apply sound judgment to evaluate options, solve problems, and make informed recommendations on administrative and operational matters, contributing to efficient workflow management, and compliance with agency standards.</li> <li>Assist in developing and revising privacy and security policies concerning Personally Identifiable Information (PII); identify potential compliance risks, and recommend solutions.</li> <li>Coordinate logistics for detainee transportation to court and medical appointments, manage schedules, and track movement through detailed administrative planning.</li> <li>Conduct roll calls, and ensure accountability through diligent documentation, system updates, and status reporting.</li> </ul> <p>Supervisor: Scott Jackson (949) 456-2706.</p> <p>Permission to contact: Yes.</p> at ProTech USA LLC, Government Contracting

  • Maurizia OraziMaurizia Orazi

    EMEA Privacy and Compliance Coordinator at Zebra Technologies Europe LimitedEMEA Privacy and Compliance Coordinator at Zebra Technologies Europe Limited

  • Swapnil JainSwapnil Jain

    Manager-Regulatory affairs at CompanyManager-Regulatory affairs at Company

  • Bala Subramanyam GBala Subramanyam G

    Privacy Compliance & Infosec at BellwetherPrivacy Compliance & Infosec at Bellwether

CREATE PROFILE
Denis Nolasco