Asaf provides legal counsel to various corporations, private investors and entrepreneurs with respect to corporate and commercial law, including finance transactions, capital raising, investments, mergers and acquisitions, incorporation and a wide variety of commercial transactions, as well as day-to-day corporate matters.
Asaf’s extensive experience and knowledge allow him to provide legal opinions and to formulate commercial agreements in various fields such as founders agreements, cooperative agreements, service agreements, distribution agreements, franchise agreements, sales, manufacturing and supply agreements, loan and securities agreements, R&D agreements, and more.
Asaf has considerable experience in the field of non-profit organizations (associations, public benefit companies), and provides counseling for especially large non-profit organizations with substantial financial budgets, as well as smaller non-profit organizations traditionally belonging to the third sector in the field of education, community, welfare, culture and more, including counseling of the management of such organizations in their day-to day actions and activities in the specific framework of which they operate.
Asaf offers counsel prior to the actual establishment stage of such non-profit organizations in order to obtain the desired operation by the client and thereafter draft the specific charter documents required for such entities, including assistance with respect to the procedures that will ensure the granting of certification of proper management and certification of a public institution with regard to contributions according to the tax law.
Asaf advises employers in all matters related to labor law, including employment contracts, employee compensation plans, agreements with subcontractors and confidentiality and non-competition arrangements.
Asaf also has experience in guiding and advising clients from the private sector in the field of environmental law enabling them to deal effectively with compliance, regulatory and liability issues, including preparing legal opinions, handling in matters of water pollution, ground pollution, waste water, waste electrical and electronic equipment, recycling, business licensing, and more.
University of Haifa - LL.B., BA (Asian Studies); 2007
Member of the Israel Bar Association since 2008
News and updates - Asaf Shalev:
The New Reform in the Field of Privacy Protection and Information Security - the Day After and the Future …
Israel's new Privacy Protection (Information Security) Regulations came into effect this past May. These regulations constitute a significant reform and turning point in the field of personal information security in Israel and in protecting the privacy of Israeli citizens.
For the first time, these regulations prescribe intra-organizational mechanisms and tools designed to turn data-security matters involving databases (depending upon the characteristics of the database) into an integral part of an organization’s management routine in general, and information management in particular. The mechanisms more clearly define organizations’ obligations and responsibilities with regard to information security.
The primary goal of the new regulations is to protect the rights of individuals whose information is contained in a database against exploitation of the information about them, either by sources outside the organization or by employees within it. The new regulations also maintain Israel’s status as a country that has enacted privacy protection regulations consistent with the corresponding European legislation (inter alia, the new European General Data Protection Regulation, the GDPR, which also came into effect recently).
The data-security reform as reflected in the new regulations is divided into several levels. These include mapping and characterization of each database; determining the requisite level of security based on the aforesaid mapping and analysis (individual database and a basic, medium, or high level of security) and according to several parameters (the organization’s identity and activity, the sensitivity of the data, the number of data subjects, and the number of people with authorized access to the database); and the adoption of a formal data-security compliance and enforcement policy based on the required level of security as prescribed in the regulations.
For example, upon the occurrence of a security incident involving a breach of the privacy of a database, an organization that implemented all of the measures and operations required of it will be in an entirely different position than an organization that failed to do so.
One of the key innovations in the new regulations is the obligation to report serious security breaches to the Privacy Protection Authority, which is tasked with enforcement of the regulations.
In this regard, the Privacy Protection Authority has announced that it is gradually implementing an interim lenient and tolerant enforcement policy toward organizations that report incidents of security breaches to it. This will last up until January 1, 2019. After that date, the Authority will fully implement and enforce the regulations. According to the official policy, the Authority will deal harshly with organizations that fail to report security breaches occurring in their organizations as is required. (See articles in the media about the recent security breach at Ituran.)
With regard to liability, a violation of some of the data-security obligations constitutes a criminal offense and is also liable to lead to the imposition of an administrative fine. Such a fine may be applied at both the organizational level and at the level of officers and members of the organization’s management.
Currently, enforcement is considered relatively sparse and lenient, and the administrative financial sanctions are also at very low sums. However, nothing lasts forever, and a revised government draft bill is currently being promoted that will delegate extensive and effective supervisory and enforcement authorities to the regulatory authority (in the spirit of the European GDPR). These include the imposition of heavy financial sanctions reaching up to about NIS 3 million (as a function of the size of the database, the sensitivity of the data contained therein, and the gravity of the offense). Furthermore, the draft bill seeks to impose direct responsibility on organizations’ officers to supervise and exert all efforts possible to prevent their employees from committing crimes involving their databases.
Obligation to Disclose Post-Sale Delivery and Service Policies
Adv. Asaf Shalev was interviewed by TheMarker regarding the Consumer Protection Authority's new directive, according to which companies and business owners who operate a store or a website will be required to specify in a prominent and visible location which areas they refuse to provide their services to.
Updates on Consumer Protection Laws
Several new consumer protection updates: the obligation to disclose post-sale delivery and service policies, the expansion of provisions regarding the scheduling of providing services at consumers’ homes, and relief in the obligation to mark apparel products.