Support for your business

Data Protection

Our Commercial Team are experts when it comes to data. We give you pragmatic, comprehensive advice that you can apply to your daily commercial life, helping you to understand the practical requirements and to ensure compliance.

The General Data Protection Regulations (“GDPR”) came into force in 2018 and aims to enhance an individual’s control and rights over their personal and sensitive data, and to simplify the regulatory environment for international trading. As a response the GDPR, the UK implemented the Data Protection Act 2018 to govern data obligations in the UK. Following Brexit in January 2021, GDPR was further adopted into UK legislation as UK GDPR. International businesses who process data belonging to individuals located in the EU must also continue to comply with GDPR as well as the UK legislation. Whilst GDPR and UK GDPR are currently almost identical, this may change over the coming years as laws in the UK and the EU develop and change.


Personal Data and Special Category Data

Every business is likely to hold personal data of individuals. Personal data is namely any data that could be used to identify that person such as their name, address and even their vehicle licence plate number. Some businesses may also hold special category or sensitive data of individuals, such as information relating to their race, sexual orientation, religious or philosophical beliefs or political opinions.

We can help you to identify the personal and special category data you hold, and work with you to implement robust processes to protect such data.

Data Breaches

While every effort should be made to avoid a data breach they are, unfortunately, likely to happen. Businesses should therefore take preventative measures to limit the likelihood of a breach and our team can work with your business and its Data Protection Officer to put these plans in place, so you are prepared.

In the event of a breach, we can support you in meeting the requirements for reporting the breach, as well as investigating how it happened and taking corrective actions, including delivering staff training. 

Data Sharing Agreements

If you’re going to share data with different parties, you must have an appropriate agreement in place to protect your business and minimise your exposure to risk or breaches. We can lead the negotiations and draft the agreement, clearly defining the individuals who are responsible for handling data both within the business and externally. We can also add appropriate provisions to your current agreements and terms and conditions to ensure that the obligations are clearly set out.


Data Protection Impact Assessments

Undertaking a data protection impact assessment (DPIA) is essential where you are processing data that is likely to result in a high risk to individuals. Completing a DPIA at the beginning of a project will help to identify any risks those activities pose to your data compliance, allowing you to put in place procedures to minimise those risks.

The DPIA can be submitted as evidence to the Information Commissioner’s Office should anything go wrong, so they can understand how the processing activities may have gone awry and what procedures you have in place to protect data.

Data Subject Access Requests

Individuals have the right to request and access a copy of the personal data that your data controller has processed about them, as well as an explanation of the purposes for which their data is being used. We can support you in handling these requests and determining the data that you need to share with the individual so that you respond in a way that is consistent with the obligations in the legislation and within the time limits.

Privacy Policies

We can draft and prepare privacy policies, clearly defining the data collected from individuals, why and how it is collected as well as how it is used and stored. These policies will be tailored to your business and the data that you collect in order to continue trading and connecting with your contacts.


Our Brilliantly Simple Guide to the GDPR

It’s not often that a piece of regulation affects everyone in business, but this one does, thats why we have pulled together this easy to understand guide to the key areas of the GDPR

Brilliantly Simple Guide to the GDPR

Get in touch

Talk to us about your legal challenges and discover how our expert, pragmatic legal advice and broad commercial acumen can help.