Practice Areas

Data Protection
Overview

Every business in the UK has to comply with UK data protection legislation when processing personal data, whether in relation to employees, customers or individuals.  Those requirements are largely governed by the Data Protection Act 2018 and the UK version of the EU General Data Protection Regulation.

Failure to meet the required standards can incur serious consequences. These might include financial and other sanctions from the Information Commissioner’s Office, reputational damage and exposure to fraud and cyber crime.

We help you to understand how data protection legislation affects your business and what you need to do to be compliant and to mitigate risk.

Do you need to register with the Information Commissioner’s Office?  Do you need to appoint a Data Protection Officer?  What do you need to do if an individual sends you a Subject Access Request?  We can assist with these and any other issues that may arise. We can advise on a more general basis as to what systems and policies you should have in place to ensure you comply with your obligations when it comes to the processing of personal data.

Whilst we always aspire to help you avoid problems from arising, if a data breach does occur, we can help you manage the situation and minimise any consequential risks and disruption to your business.

If you are an individual, we can advise you on your rights and the remedies available to you if your data protection rights have been breached.

Illustration of building

Data Protection

Service Highlights

Please click on a service highlight to learn more about how we help with these matters. If you have any questions or would like to discuss further, you can contact us using the contact form below.

Illustration of Oxford Street

  • Website privacy and cookies policies

    Significant amounts of personal data are collected and processed over the internet and such processing is subject to strict controls. We can help you remain compliant in the online world and provide tailored and GDPR compliant privacy policies, cookie policies and website terms to meet the needs of your business.

  • Contractual agreements

    Contracts arrangements between parties normally require some exchange of personal data and it is important to ensure the contracting parties have suitable protections in place to control the exchange and use of such data. We advise the owners and processors of personal data on appropriate provisions and, where personal data is being transferred outside of the UK, on the additional criteria that will have to be met before the data is transferred.

  • Marketing

    Most businesses market their products and services in some way and different types of marketing are regulated in different ways.  The Advertising Standards Authority, the Information Commissioner’s Office and the Data and Marketing Association all have extensive regulations which may have to be followed depending on your plans. We have years of experience in this field and can advise you on the do’s and don’ts on all aspects of marketing.

  • Breach reporting and subject access requests

    Where a breach of the data protection law occurs, a business may, depending on the circumstances, need to report the breach to the Information Commissioner’s Office. We can help assess whether a report is required and, if it is, how best to structure it.

    With certain limited exceptions, a business must provide an individual on request with details of the information which they hold about that individual. This is known as a Subject Access Request. We can assist individuals make such a request and help businesses respond to a request in a compliant manner.

    Requirements in both areas are complex and we provide both general guidance on the rules and urgent advice if things go wrong.

  • Freedom of information

    The Freedom of Information Act 2000 provides public access to information held by public authorities, which includes a wide range of different organisations. Determining what information needs be disclosed is not always straightforward, and we can assist you if you are an individual wanting to make a Freedom Of Information request or an organisation that needs to respond to one.

Service Areas

Get in touch with your enquiries

"*" indicates required fields

Key contacts

Our Experts
  • Image of Andrew Pike

    Key contact

    Andrew Pike

    Director, Head of Compliance

    Andrew has over 25 years’ experience in corporate and commercial law. Formerly a manager for a well-known high street bank,…

    Call
    Find out more arrow arrow
  • Image of Paramjit Sehmi

    Key contact

    Paramjit Sehmi

    Partner, Head of Corporate

    Paramjit advises businesses, business owners and investors on a broad range of corporate, commercial and company law matters. He has…

    Call
    Find out more arrow arrow
  • Image of

    Key contact

    Call
    Find out more arrow arrow
  • Image of Sarah Khawaja

    Key contact

    Sarah Khawaja

    Consultant

    Sarah Khawaja leads our immigration practice, bringing extensive expertise from her years working in the Middle East, where she developed…

    Call
    Find out more arrow arrow

News

Latest news from across Burlingtons

Service Areas

Explore our professional services & expertise

  • Practice Areas
  • Sectors
Illustration of Bond Street