We structure our data protection team as a cross-departmental group across our commercial technology, employment and litigation groups. We advise on all the key privacy and data protection compliance areas such as compliance programmes and documentation, international data transfer issues, data breaches, and individual data requests.
We have a significant reputation for helping clients with complex privacy and data protection issues which are very specific to the core industry sectors on which we focus. Our data protection team also stands out because of the unique synthesis between our data protection and reputation and information practices, and our strength in both non-contentious as well as contentious data protection matters particularly where there are reputational issues at stake.
More information about the areas on which we advise is set out below:
We work with clients from a broad range of sectors advising them on all aspects of their data protection compliance. We regularly advise clients on the creation and roll-out of compliance programmes (including audits, the development of policies and documentation and the delivery of training). We regularly advise on the creation of privacy notices, cookie policies, data protection impact assessments and records of processing. We also advise clients on the complexities of international data transfer issues (including intra-group and with service providers).
Our deep experience and expertise in digital and technology feeds into our privacy and data protection work. We frequently advise on cutting-edge privacy and data protection issues involving areas such as AI, immersive technology, digital marketing, adtech and programmatic advertising. We also have particular expertise in advising large entertainment, retail and other consumer facing businesses and global brands on the data privacy implications of their digital transformations.
We work closely with our clients to help them to lawfully collect and process data whilst managing the careful balance between compliance risk and commercial opportunities. We also work closely with our extensive network of independent law firms in other jurisdictions allowing us to support not only clients’ UK but also pan-European and global transactions and operations.
Our data protection advice also includes supporting a large number of clients on the data protection aspects of commercial and corporate transactions, including drafting and negotiating data processing agreements, and supporting with data protection related due diligence for mergers, acquisitions and investments.
Cyber-attacks and data loss are unfortunately common place and a risk to all businesses. We help clients with legal advice in the event of a data breach. We are uniquely placed to do so, combining our data privacy expertise with our extensive experience in the field of reputation management. We advise clients on complying with regulatory obligations including breach notification requirements, communicating with key stakeholders and clients, and dealing with related reputational issues.
We also help clients faced with a wide range of contentious data protection issues, including complaints to the Information Commissioners Office, litigation in the High Court and dealing with contentious data subject access requests. Responding to a subject access request, whether from a customer, ex-employee or potential litigant can be a time-consuming and complex undertaking and we help clients navigate the legal landscape.
Creating the right core team to deal with a data crisis is key, and we are very familiar with working alongside a client’s own in-house legal team, and other advisors such as forensic IT experts, marketing and crisis communications teams. We can also help introduce clients to experts in those fields if required.
Please see our Data litigation, data breaches and cybersecurity page for more details.
Sacha Wilson
Partner
E: sacha.wilson@harbottle.com
T: +44 (0)20 7667 5000
Gerrard Tyrrell
Senior Partner
E: gerrard.tyrrell@harbottle.com
T: +44 (0)20 7667 5000
John Kelly
Partner
E: john.kelly@harbottle.com
T: +44 (0)20 7667 5000
Amy Bradbury
Senior Associate
E: amy.bradbury@harbottle.com
T: +44 (0)20 7667 5000
Louise Prince
Senior Associate
E: louise.prince@harbottle.com
T: +44 (0)20 7667 5000
Josey Bright
Associate
E: josey.bright@harbottle.com
T: +44 (0)20 7667 5000
Shayna-Radhika Patel
Associate
E: shayna.patel@harbottle.com
T: +44 (0)20 7667 5000
Mark Primrose
Associate
E: mark.primrose@harbottle.com
T: +44 (0)20 7667 5000
Elizabeth McClenan
Associate
E: elizabeth.mcclenan@harbottle.com
T: +44 (0)20 7667 5000
Hugo Tyrrell
Associate
E: hugo.tyrrell@harbottle.com
T: +44 (0)20 7667 5000
- Engadget coverage on cookie consent
- Compliance Week coverage on British Airways data breach class action
- EU adopts UK adequacy decisions allowing free flow of data
- Harbottle & Lewis advises NASDAQ quoted client Take-Two Interactive on its acquisition of Nordeus
- Data & Privacy eBulletin: Spring 2021
- Further safeguards are put in place to protect patients’ confidential information
- Sacha Wilson quoted on BA/Marriott GDPR fines
- Data & Privacy eBulletin: Autumn 2020
- Data & Privacy eBulletin: Schrems does it again
- Coverage: Dan Tozer on UK-US data sharing
- ICO report: mobile phone data extraction by police must improve
- ICO reshapes priorities in light of pandemic
