Back to Other practice areas

GDPR

We provide legal advice to businesses on GDPR compliance and assist in ensuring that the processing of personal data is carried out in accordance with applicable regulations. Non-compliance with the GDPR can result in significant financial, operational, and reputational consequences, and we help businesses identify and manage risks in a practical and commercially focused manner. We advise businesses across all industries on both the day-to-day handling of personal data and more complex compliance projects, regulatory matters, and security incidents.

We assist with, among other things:

GDPR Compliance

We advise on compliance with the GDPR and assist businesses in establishing and maintaining effective compliance programmes. Our services include risk assessments, internal procedures, and ongoing legal support.

Privacy Policies and Documentation

We prepare and review privacy policies, consent forms, and other documentation required under the GDPR. We help ensure that documentation is accurate, transparent, and legally compliant.

Data Processing Agreements

We assist with the drafting, review, and negotiation of data processing agreements and advise on the allocation of responsibilities between data controllers and data processors.

International Data Transfers

We advise on the transfer of personal data outside the European Union and the European Economic Area, including the use of Standard Contractual Clauses (SCCs) and other lawful transfer mechanisms.

Employee Data

We assist businesses with the processing of employee data in connection with recruitment, employment relationships, workplace monitoring measures, whistleblowing schemes, and the retention of personal data.

Cookies and Consent

We advise on cookie regulations, consent mechanisms, and the processing of personal data on websites and digital platforms. Our services include website compliance reviews and the implementation of GDPR-compliant solutions.

Direct Marketing

We assist businesses with GDPR-related issues concerning newsletters, customer databases, consent requirements, and other forms of direct marketing.

Data Breaches and Security Incidents

We assist with the management of personal data breaches and other security incidents, including assessments of notification obligations, communications with supervisory authorities, and the handling of related compliance processes.

Data Subject Rights

We advise on requests relating to access, erasure, rectification, data portability, restriction of processing, and objections to the processing of personal data.

Proceedings Before Supervisory Authorities

We represent businesses in matters involving data protection authorities, including audits, investigations, complaints, and other regulatory proceedings.

Data Protection Impact Assessments (DPIAs)

We assist with the preparation of Data Protection Impact Assessments and the evaluation of risks associated with the processing of personal data where required under the GDPR.

GDPR Audits

We conduct GDPR audits and compliance reviews to identify legal risks and ensure that organisational procedures and documentation meet applicable regulatory requirements.

Personalised and Confidential Advice

GDPR compliance is an essential part of modern business operations and requires continuous attention. We provide practical, commercially focused, and confidential legal advice tailored to each client’s specific needs and risk profile.

Contact Us

If you require advice on GDPR matters or would like an assessment of your organisation’s compliance framework, please do not hesitate to contact us for an initial discussion.

Have questions?

Contact us for a non-binding conversation about your needs.

Contact us