Data privacy and information law


Data privacy and information law impacts businesses of all sizes who deal with data - whether large multi-nationals or start-ups, in the public or private sector. Holding and treating personal data in an appropriate way demonstrates good governance, enhances your reputation and business value, and protects one of your largest assets.

We understand that personal data is a fundamental tool for your organisation. We also understand that data privacy is a fundamental right for individuals. Our team provides expert advice on balancing those competing interests, making data work for you to drive change whilst protecting your organisation from unwanted public and regulatory scrutiny.

From guiding you through changes in law and regulatory issues, helping you plan new projects, develop services and implement new technologies, to responding to cyber-attacks and other data breaches, we have a wealth of experience in managing data protection and other information issues at every stage.

Our team of data protection experts in our UK offices work alongside our international network and our wider teams across key industry sectors and provide commercial solutions and practical advice on how you can protect your business interests. We can assist with:

Data protection by design and default

  • Undertaking audits, gap analysis and data protection health checks to assess key risks to your organisation, and advice on privacy impact assessments.
  • Provision of bespoke training for all levels of your organisation.
  • Advising on and dealing with Data Subject Access Requests from individuals, including employees, and using technology to manage those efficiently.

Commercial Agreements

  • Drafting and negotiating agreements with a data or technology focus, including payroll, data hosting, marketing and commercial exploitation of data
  • Advising on the data protection aspects of new technologies and service provision, including on all aspects of IT related issues
  • Advising on sharing data with third parties and within group companies, including transfers of data outside of the EU, and the use and transfer of customer databases.

Employment

  • Advising on all aspects of compliance from an HR point of view, including policies, procedures and employer obligations in relation to employment services such as payroll, secondments and outsourcing.
  • Managing and advising on Data Subject Access requests, particularly in the context of threatened or on-going Employment Tribunal proceedings.
  • Managing employment data breaches and the associated HR issues arising.

Data Breach Response and Dispute Resolution

  • Creating and implementing breach response plans to protect data and mitigate key business risks, including engaging and liaising with forensic IT experts and consultants, PR and Communications teams, and legal advisors in other jurisdictions.
  • Liaising with the Information Commissioner's Office in respect of any formal investigations and complaints and managing reports to regulators, stakeholders and individuals.
  • Acting urgently to protect misappropriated information from being dissipated or misused and advising on potential losses and strategic options for recovery, and acting in proceedings brought by individuals affected by a data breach or cyber attack.

In brief

  • Advising clients operating in real estate, housing, construction, energy and the public sector, SMEs, family owned businesses and HNWI’s
  • Commercial agreements, privacy policies, use of website terms
  • Employment – advising on all aspects of compliance
  • Data breach response – developing strategy to minimise risks arising from data breaches and cyber-attacks
  • Privacy Impact Assessments – data protection audits, gap analysis and high level “health checks” to assess key areas of risk.
  • Dispute resolution – whether in relation to complaints to an investigation by the Information
  • Member of Interlaw, the ‘Elite Global Law Firm network,’ with lawyers in more than 150 cities worldwide
Insight

GDPR and employment – where are we now?

Explore
Insight

Paving the way for data breach group actions

Explore
Insight

Response and Recovery Guidance for SMEs

Explore
Insight

Cyber-Attacks (Asset-Freezing) Regulations 2019

Explore
Insight

Future of work: What to do with GDPR/data subject access requests

Explore
Insight

Data subject access requests - taking the load from you

Explore