1. Home
  2. Services
  3. Commercial, Brands, IP and IT
  4. Data Privacy and Cyber Security

Data Privacy and Cyber Security

We advise clients across a wide range of sectors on all aspects of data protection and cybersecurity and resilience, with much of our current work focused on supporting clients on compliance with the General Data Protection Regulation (GDPR) with its range of strict sanctions for breach.

Our advice on GDPR (and UK data protection law) includes the following key activities:

  • enabling clients to baseline their data protection compliance position today;
  • supporting clients to identify and prioritise the necessary programme of work to reach compliance; and
  • assisting with some or all aspects of the programme, including establishing policies, procedures and governance structures to manage compliance.

We advise clients in relation to:

  • privacy provisions in a range of commercial agreements, including data sharing and joint controller agreements;
  • the creation, storage, security and exploitation of databases in line with applicable regulations;
  • data use and privacy notices including customer facing and employee facing notices;
  • privacy by design;
  • collection notices and the tracking of consent;
  • data subject access requests and communications with the ICO;
  • cross-border movement of data, including moves to centralised hosting facilities and other outsourcing considerations;
  • database acquisitions and sales;
  • compliance with UK NIS Regulations 2018;
  • data security provisions and cyber security compliance in IT and outsourcing agreements;
  • preparation for and responses to digital crises; and
  • the management of data loss, including in the UK and US where law enforcement agencies are involved in addition to regulators.

Recent work

A large re-insurance provider

Advising a large re-insurance provider on the acquisition of a portfolio of insurances.

Privacy notices and other privacy documentation

Drafting privacy notices and other privacy documentation for a range of clients.

Data sharing app

Assisting with the development of a data sharing app, including the engagement of third party IT security expertise to analyse the privacy by design considerations adopted by the app developers.

Privacy considerations

Advising on the separation of two corporate entities and the relevant privacy considerations arising from such separation including the sharing of personal data (both customer and CRM contacts).

Recording of calls

Advice in respect of the recording of calls made on a company’s telephone infrastructure.

See all

Quick reads

View next 5
See all Quick reads

In depth

The future of corporate transparency

Dominic Sedghi, Jennifer Smithson, David Gauke, Martha Campbell 25 Nov 2022
The European Union – and the UK – face difficult questions.
Read more

Beyond data broking: why the ICO’s investigation matters to you

08 Dec 2020
In October 2020, the ICO released its finding from its audits of the direct marketing portion of the three largest credit reference agencies (CRAs) in the UK. These CRAs engage in...
Read more

Data protection and cyber-crime - views from the house of commons

29 Jun 2016
A report commissioned in the wake of the TalkTalk hack in October 2015 by the House of Commons Culture Media and Sport Committee was published earlier this week making 17...
Read more
See all contacts

Malcolm Walton

 Partner
+44 (0)20 7849 2575 Email Malcolm

William Hedges

 Partner
+44 (0)20 7791 4190 Email William