Data Protection & IT Law

Our scope of work includes:

• Electronic Marketing – Advising on E-marketing and data protection laws to ensure compliance in sending marketing and service communications to consumers.
• Website & App Compliance – Audit of website and app functionality to determine consent and notification requirements required for the business to effectively use customer data.
• Policies – Drafting and advising on cookie and privacy policies (including employee and recruitment policies) to ensure data can be used lawfully and for the required purposes within the business.
• Contract Review (Including Cross-Border Data Transfers) – Review of contractual clauses for commercial agreements, with specific focus on data migration and exit planning. Advising on contractual compliance issues for cross border / global data transfer services across a range of industries, including health, education and aviation.
• Privacy Programme Implementation / Management – Project management and implementation of information risk management processes, policies and procedures to ensure processing and storage of data is in accordance with applicable law and industry practice.
• Privacy By Design – Helping businesses to prepare data inventory, data flow mapping and advising on data minimisation strategy to ensure compliance with data protection regulation and legal / regulatory retention periods.
• Data Breach Response & Regulatory Investigation – Responding to regulatory investigation and preparation of incident response processes.
• Subject Access Requests – Advising on complex and sensitive data subject access requests received from individuals.
• Disputes– Advising and representing clients in defence against data protection incident / breach and also acting for claimants.