What is the purpose of this new complaints procedure?
The new procedure allows individuals to raise data protection concerns directly with the organisation, prior to the individual complaining to the UK’s data protection regulator, the Information Commission. It is designed to ensure organisations handle complaints transparently, efficiently, and fairly while reducing the burden on the Information Commission.
What obligations do organisations have under this new procedure?
The Information Commission has produced guidance and the new rules and details can be found here.
What can you do now to prepare?
Sacha advises clients from a variety of sectors, including some of the world’s best known brands, agencies and platforms. He is ranked for advertising and digital media in both The Legal 500 and Chambers and Partners and is recognised as one of the UK’s leading advertising lawyers.
Sacha advises on a range of commercial transactions and has particular expertise in advertising-related agreements (such as creative agency, media planning and buying, production and brand partnerships). He is particularly well known for his expertise in digital marketing and adtech.
Sacha also has expertise in general advertising compliance (including prize promotions, native advertising and influencer marketing) as well as ecommerce and online consumer regulations.
Sacha also works within the firm’s retail and technology practices and regularly advises well-known retail brands on a range of retail-focused commercial agreements including distribution, licensing, and franchise agreements, as well as clients across a range of industries on tech focused agreements such as software development, SaaS, and IT services contracts.
In relation to data privacy, Sacha has advised on all the key compliance areas, and has worked with a large number of clients on their data protection compliance programmes. He has particular expertise in the data privacy aspects of marketing, adtech and digital media. He frequently advises on the compliance aspects of adtech vendor arrangements, programmatic advertising, and mobile apps.
Sacha also has expertise in the legal issues associated with AI, particularly in the context of advertising and marketing. He regularly advises clients on the privacy, IP, contractual and regulatory issues associated with the use and deployment of AI for a range of purposes in the advertising and marketing industries.
Amy has a wealth of experience helping clients protect their reputation, personal information and data. She has a litigation background and advises on all legal areas relating to reputation protection and media law including defamation, privacy, confidentiality, data protection, freedom of information and harassment.
Amy’s practice is international and she acts for a wide range of clients including corporates and brands, global figures, business professionals, high net worth individuals and people in the media and entertainment industries.
Clients often seek Amy’s advice at times of crisis, including when faced with the threatened publication of damaging allegations, private information or personal data by media outlets or others. Amy also has particular expertise in contentious data protection issues including data subject access requests, data breaches and complaints to the Information Commissioner’s Office.
Amy is a ‘Recommended' reputation lawyer in the Spear's 500 index and is recognised in both Chambers and Partners and The Legal 500.
He covers the full spectrum of contentious matters, including in-print and online defamation, malicious falsehood, misuse of privacy information, breach of confidence, data protection, cyber attacks, data breaches, information theft, harassment, blackmail, right to be forgotten and subject access requests. He also advises on regulatory media and data complaints, reporting restrictions, NDAs, injunction applications, Norwich Pharmacal applications, online takedowns, apologies, damages claims and coroners' proceedings.
Michael often urgently advises clients who are in a crisis, typically when trying to protect reputation by stopping or mitigating the publication or broadcast of a false story, project managing a response to a cyber attack or preventing the unlawful misuse or disclose of information. He also provides regular training and preparedness sessions to clients to help get ahead of a media or cyber crisis.
He also protects publishers, platforms, data controllers and processors from legal claims.
Michael is ranked as ‘Up and coming’ in Chambers and Partners and is ‘Recommended’ by Spears Magazine.
She advises on compliance with data protection laws and information laws, including the UK and EU General Data Protection Regulation (GDPR), the Data Protection Act 2018, the Freedom of Information Act (FOIA) and codes of practice issued by the ICO and other data protection regulators.
She assist clients with data protection agreements/addendums (DPA), data protection impact assessments (DPIA), drafting and reviewing privacy policies and cookies policies and cookie banners. Nadia handles contentious data protection matters too such as communications with the ICO, personal data breaches and data subject requests such as data subject access requests (DSAR). She keep clients informed of any changes to data protection laws and updated guidance from data protection regulators, and provides training to legal teams and employees on data protection best practices. Nadia has also been seconded to help ensure compliance with GDPR and information law procedures are effective and meet the necessary standards.
Nadia works with a wide range of clients, from small businesses to large corporations, to help them understand their legal obligations and develop data protection strategies and programmes for compliance with data protection laws. Such clients include those in the fashion and retail sector, streaming services, gaming, technology and more.
Nadia has completed the Certified Information Privacy Professionals/Europe (CIPP/E) by IAPP and is a member of the Society for Computers and Law.