Data protection and data privacy has never had a higher profile. Whatever your company’s size, from start-up to multinational, the collection and use of personal data presents significant legal issues. If you get it wrong it can have huge financial and reputational implications.
We will work closely with you to help you to lawfully collect and exploit data. At the same time we can help you ensure you have the right policies, processes and security in place to manage the risk of data misuse, breaches, data theft and hacking.
We understand the law and also the way it is applied by the regulators. We are often in touch with them. We offer practical advice on all data issues, from innovative technology such as eHealth, wearable technology and virtual reality, to more straightforward data protection compliance.
The range of our advice on data protection and privacy issues includes:
- Data Protection Act compliance
- Data privacy audits, policies and training
- International data transfers, binding corporate rules and EU model clauses
- Data processor agreements
- Subject access requests
- Data security and breach management
- Privacy and Electronic Communications Regulations
- Freedom of Information Act
- The impact of the proposed new EU Data Protection Regulation
- e-Privacy Directive
- Cookie laws and regulation
- Monetary penalty notices
- Interception and monitoring of communications.
International broadcaster
We provided an international broadcaster with detailed advice on Europe’s current and proposed data protection regime, and audited its UK operations for compliance.
US monitoring service
We guided a US software provider on UK data and privacy laws in anticipation of the proposed consumer launch of its monitoring services in the UK.
Multinational software company
We advised a very large software company on the implementation of collecting, hosting and analysing personal and non-personal data in the UK.
Numerous corporate and high-profile individual clients
We routinely advise on strategic and contentious data subject access requests and the matters arising from them, including complaints to the Information Commissioner’s Office. We act for both individuals making requests and organisations who are facing requests in factually complex circumstances such as litigation or as part of a campaign where reputational and privacy issues arise.
Data analytics
We advise a number of clients who collect and analyse data online, including dealing with issues such as ‘profiling’ and targeted messaging.
Daniel Tozer
Partner
E: daniel.tozer@harbottle.com
T: +44 (0) 20 7667 5000
Jeremy Morton
Partner
E: jeremy.morton@harbottle.com
T: +44 (0)20 7667 5000
Jo Sanders
Partner
E: jo.sanders@harbottle.com
T: +44 (0)20 7667 5000
Alex Hardy
Senior Associate
E: alex.hardy@harbottle.com
T: +44 (0)20 7667 5000
Melanie Hart
Senior Associate
E: melanie.hart@harbottle.com
T: +44 (0)20 7667 5000
Rebecca Collard
Senior Associate
E: rebecca.collard@harbottle.com
T: +44 (0)20 7667 5000
Amy Bradbury
Senior Associate
E: amy.bradbury@harbottle.com
T: +44 (0)20 7667 5000
Emily Grosvenor-Taylor
Associate
E: emily.grosvenor-taylor@harbottle.com
T: +44 (0)20 7667 5000
Katrien Roos
Associate
E: katrien.roos@harbottle.com
T: +44 (0)20 7667 5000
Natalie Barnfield (née Smith)
Associate
E: natalie.barnfield@harbottle.com
T: +44 (0)20 7667 5000
Charlie Thompson
Associate
E: charlie.thompson@harbottle.com
T: +44 (0)20 7667 5000
eBulletins
- GDPR guidelines released, how not to update marketing databases, and a record ICO fine
- Data & Privacy: The latest on Trump, GDPR prep, proposals for a new E-Privacy Regulation and recent lessons learnt
- Data & Privacy: £400k fine for TalkTalk is biggest ever, and ICO breaks its silence on Brexit
- Data & Privacy: Brexit and the GDPR, Privacy Shield updates and recent ICO fines
- Data & Privacy: Data leaks, privacy shield and direct marketing
- Data & Privacy: EU-US Privacy Shield and the General Data Protection Regulation
- Data protection reforms: Christmas has arrived early
- Data & Privacy: Not so safe harbor, data subject access requests and ‘stable arrangements’
