Data Protection

Data Protection Practitioners – Our services

Our data protection team advise businesses and individuals on a wide range of data protection and GDPR issues including:

  • Handling data subject access requests (SAR/DSAR). This may involve using an end-to-end eDiscovery tool, as required
  • Handling and reporting data privacy breaches
  • Challenges made to the Information Commissioner’s Office (ICO) by employees and other data subjects
  • Employee monitoring and surveillance of staff, both physically on-site and online
  • Employee screening and background checks (including criminal records checks)
  • Drafting and reviewing data protection documentation
  • Data Protection Impact Assessments (DPIAs) for high-risk processing
  • Overseas data transfers (both outside the UK and the EEA)
  • Use of Cookies and online tracking. Google and Amazon recently received multi-million euro fines for unlawful use of cookies, so it is vital the correct notices and processes are implemented
  • Data protection obligations under the GDPR
  • Data Audits – audits often include mapping personal data you process, assessing possible risks and exposure and contingency plans to minimise the risks
  • Data retention and the destruction of records
  • Handling complaints from individuals and regulators
  • Marketing – we can review marketing policies and grounds for processing data. We can also advise on the additional requirements under the Privacy and Electronic Communications Regulations

Data Protection – some recent cases

Our GDPR and data protection solicitors have worked on a wide range of projects. We have worked with companies of all sizes from a variety of industry sectors. Some examples of our work include:

– On-site audit and inspection of data protection policies to keep GDPR compliant

We worked with a global gaming company to carry out an on-site audit and inspection of the client’s day-to-day data protection practices. We reviewed current documentation and interviewed a number of key personnel at the premises. In addition, our GDPR team compiled a practical, user-friendly report. This included areas for improvement and actions that could be taken to ameliorate or eliminate risk.