All organisations process personal data in one form or another, whether it relates to employees, customers, patients, tenants, contractors or suppliers. It is essential that the collection, use and retention of personal data meets the strict obligations set out in the Data Protection Act 1998 and the new standards required by the GDPR.
Our Information Law team provides expert advice and support to a wide range of organisations in a diverse mixture of industries, each with their unique purposes for processing personal data.
We provide organisations with all of the necessary documentation they require to meet their data protection obligations. This includes internal data protection policies, privacy notices and data protection impact assessments. We also produce tailored contracts and agreements which ensure that any sharing of personal data meets the legislative standards.
Thanks for all your support it has been brilliant
Our team assists organisations with responding to complex and sensitive subject access requests, including those from former employees, patients and customers. We are able to take large quantities of electronic and hard copy documents and collate, review and redact those documents ready for disclosure.
We also represent organisations which are the subject of a compliant before the Information Commissioner's Office or are party to an appeal before the First Tier and Upper Tribunals.
Working with clients
We provide data protection services to a wide range of organisations, including global corporations and those operating in the public and third sectors.
We offer a diverse range of data protection services which include:
- Preparing a full suite of data protection internal documents such as data protection policies and procedures, website privacy notices, data breach procedures and data protection impact assessments
- Drafting data sharing and data processing clauses in complex commercial contracts
- Advising on targeted email marketing campaigns and compliance with the Privacy Regulations
- Supporting large scale and complex subject access requests including collating, reviewing and redacting thousands of documents ready for disclosure
- Providing strategic support in managing and responding to large scale data breaches and cyber-attacks.
- Delivering bespoke and training and workshops on a range of data protection issues
- Representing clients before the Information Commissioner’s Office, the Court and the Information Rights Tribunals.
We provide support to a leading global conglomerate in a range of data protection matters including its responses to subject access requests.
Our role includes collating the thousands of documents which fall within the scope of the requests, collating those documents, reviewing the documents and redacting the documents where an exemption applies.
Advice on the lawful processing of data which may be necessary in order to monitor and safeguard the health of employees, clients and visitors. We can provide support in ensuring that any processing of data in relation to COVID-19 is compliant with GDPR, particularly in relation to the need for transparency and the principle of data minimization.