Data Protection

Helping our clients stay compliant

Data Protection

Data protection is quickly becoming one of the fastest growing areas of regulatory compliance that our clients are having to deal with. The pandemic has seen a vast increase in the amount of cyber-attacks on businesses and individuals, and with tight timescales to report such breaches to the ICO, knowing what to do if the worst happens is more important than ever.

Our team provides practical, tailored advice on all aspects of data protection law. We have experience in advising on compliance issues such as documenting data controlling and processing and dealing with requests from data subjects to assisting clients with the legal and regulatory aspects of data breaches and communication with and reporting to the ICO.

Providing compliance documentation

Drafting documents such as privacy notices and data protection policies to assist clients with demonstrating that they are taking sufficient steps to comply with the law

International transfers

Queries around subject access requests

Advising on timescales and data excluded from the scope of subject access requests

Advice on data breaches

Training for DPOs and other staff

Key Contacts

To make an enquiry, please contact a member of staff below or call 01224 845 845

David Chalmers

Partner, Head of Employment
T: 01224 845 817
M: 07587 034 699

Annika Neukirch

Senior Associate, Employment
T: 01224 845 822
M: 07879 519 699

Data Protection News & Insights

Data Protection Breach – Seminar

August 11, 2023

We have become used to hearing stories of data breaches caused by hacking and ransomware, including the news last week that there has been a security breach of the electoral register in which names and addresses of voters have been accessed, potentially as far back as August 2021. However, the recent news from Northern Ireland has served as a reminder that human error can also result in significant data breaches.

Big fine for Meta shines spotlight on standard contractual clauses

May 24, 2023

When the GDPR first came into force five years ago, the big headline-grabber was the potential for large fines – up to €20m or 4% of annual global turnover, whichever is higher. In recent months we have seen some significant penalties being applied by UK and EU supervisory authorities, and the news this week from the Irish Data Protection Commission was that it had concluded its investigation into Facebook parent company Meta and decided to issue it with an administrative fine of €1.2billion in respect of its data transfers to the US.

A large fine to TikTok but ICO’s power doesn’t end there

April 4, 2023

The ICO has issued another headline-grabbing fine to a social media company – this time to TikTok, who have been fined £12.7 million for misusing children’s data, in particular by processing personal data of children aged under 13 without parental consent and taking insufficient steps to check the age of those using their platform and removing those underage.

Data Protection and Digital Information (No2) Bill

March 10, 2023

On 8 March 2023, the government withdrew its previous data protection bill, which had been scheduled for a second reading, and instead published a revised new bill, the Data Protection and Digital Information (No. 2) Bill.