Every organisation needs to address data protection, confidentiality, information security, cyber risks, data breaches and freedom of information as part of their compliance and risk management policies and procedures.
Whether you are a growing or established company, we can provide you with global contentious and non-contentious advice, that goes beyond straight-forward legal services. We can add value to your business through multi-jurisdictional project management and consultancy services, to train and educate you to ensure that you are complying with global laws and regulations.
Where regulations and obligations evolve, we keep abreast of the latest data protection requirements and can give you practical and up-to-date advice on everything from data retention and email marketing issues, to the handling of sensitive information and data transfers, in the UK and overseas. We often review the data handling procedures adopted by HR departments, including the standard forms used for applications, references, appraisals and other employment related matters. We work closely with our corporate and commercial colleagues to ensure data protection due diligence is met during mergers and acquisitions, outsourcing agreements, or other transfer of undertakings.
You can expect co-ordinated and competitively priced international services, supported by a breadth of knowledge and passion for what we do.
GDPR: are you compliant?
We offer a comprehensive solution for businesses who are affected by the new General Data Protection Regulation.
Meet the team
- Call Jonathan +44 (0)20 7427 6725
- Email Jonathan
- London office
- Call Olivia +44 (0)20 7427 6545
- Email Olivia
- London office
Our thinking
Jonathan McDonald
Fairhurst v Woodard: Property audio and video surveillance system breached GDPR
A recent judgment from Oxford County Court raises significant questions about the increasing use of smart doorbells and cameras.
Jonathan McDonald
Top 5 Data Protection Tips
Jonathan and Marc-Us explore the top 5 data protection tips
Rory Partridge
Closing the Cookie Jar
Opportunistic claims for misuse of online tracking cookies are on the rise. Proactively ensuring compliance is key to avoiding claims.
Jonathan McDonald
Regulating AI – the impact of two key recent proposals: the UK’s National AI Strategy and the EU’s proposed Artificial Intelligence Regulation
With the hype surrounding artificial intelligence continuing to gather pace, we pause and consider some of the proposed regulatory changes.
Olivia Crane
Review of the Department for Digital, Culture, Media & Sport consultation
On 10 September 2021 the Department of Digital, Cultural, Media and Sport (DCMS) published a consultation titled ‘Data: a new direction’.
Henry Cuthbert
China’s Personal Information Protection Law – keeping up with the Joneses or increased cyber-security?
Up until recently, China’s data protection rules could be found through a number of laws and guidelines
Olivia Crane
Olivia Crane quoted by SoGlos on the increasing issue of cyber fraud being faced by businesses in Gloucestershire
Cyber fraud has cost Gloucestershire businesses around £369,800 in the last 13 months.
Jonathan McDonald
Data Protection post Brexit
In the lead up to the UK's exit from the European Union, what data protection risks should your business be thinking about?
Olivia Crane
International Data Transfers
The European Data Protection Board has adopted new recommendations on international personal data transfers .
Nick White
Nick White writes for MCA on the data issues surrounding the rise of popularityy of
Olivia Crane
Privacy in the time of a Pandemic
As a result of Covid-19, the importance of privacy and compliance with data protection law has found itself in the spotlight.
Jonathan McDonald
SCHREMS II judgment: privacy shield invalidated and SCCs scrutinised
In a surprising and arguably bold judgment, the CJEU have invalidated the EU-US Privacy Shield Privacy Shield mechanism.
Jonathan McDonald
What does the ICO’s recent guidance mean for the future of cookies?
The Information Commissioner’s Office (“ICO”) has recently issued guidance on the use of cookies and similar technologies.
Mark Hill
New Data Protection Regime in Bahrain
Download our guide to the new Data Protection Regime in Bahrain.
Tessa Newman
Thumbs up – A company that embeds the Like button on its website can be considered a data controller jointly with Facebook
Companies that embed the Facebook “Like” button within their website pages can be considered as a joint data controller.
Robert Thomas
DSARs: paper files and proportionate searches
The High Court has made a number of important findings that have relevance to data subject access requests.
No-Deal Brexit
Freddie Law analyses how businesses need to consider their data protection policies, in preparation for the potential of a no-deal Brexit.
Rachel Bell
French DPA concludes its first investigation; fining Google LLC €50 million in the process
On 21 January 2019, the French Data Protection Authority imposed a financial penalty of €50 million on Google.
Broadcasters: big targets for hackers and cyber-criminals
Broadcasters were warned that they need to start having internal conversations about the scale of the cyber security threat they face.
Claire Greaney quoted in Info Security Magazine on the Morrisons insider breach appeal