Data in technology

Our specialist team can provide you with well-rounded, expert advice on a range of data protection and privacy issues including:

• GDPR and Data Protection Act compliance
• Data protection audits, policies and training
• Data breach management and response, including dealing with the Information Commissioner’s Office
• Online privacy policies, cookies notices and internal data protection policies
• Consent and other lawful bases for data processing
• International data transfers, binding corporate rules and EU model clauses
• Data processor agreements
• Data protection governance and records management
• Data subject access requests
• Compliance with data subject rights
• Data security
• Cookie laws and regulation
• Direct marketing and profiling
• Privacy and Electronic Communications Regulations, and the forthcoming ePrivacy Regulation
• Freedom of Information Act
• Supervisory authority notices and enforcement actions
• Employee monitoring, BYOD policies and processing of special categories of data
• Interception and monitoring of communications
• Data protection aspects of corporate transactions, including mergers and acquisitions

Artificial Intelligence

We have advised a New Zealand based leading artificial intelligence technology provider on a variety of data issues surrounding its licensing arrangements with various brand clients.

International marketing technology provider

We have advised an international marketing technology provider on its GDPR compliance project, including auditing the existing data protection compliance of its US and UK offices; advising on lawful bases upon which the company is processing personal data; revising and negotiating contracts with processors; updating consumer-facing privacy policies; drafting internal data protection policies, records of processing activities, DPIA and LIA forms; and advising on legality of international data transfers.

US monitoring service

We guided a US software provider on UK data and privacy laws in anticipation of the proposed consumer launch of its monitoring services in the UK.

Multinational interactive entertainment company

We advised a large interactive entertainment company’s US and Japanese entities on their GDPR preparations, including data collection via its app, games, events and website, and on the implications of, and requirements associated with, collecting, hosting and analysing personal data of children.

Numerous corporate and high-profile individual clients

We routinely advise on strategic and contentious data subject access requests and the matters arising from them, including complaints to the Information Commissioner’s Office. We act for both individuals making requests and organisations who are facing requests in factually complex circumstances such as litigation or as part of a campaign where reputational and privacy issues arise.

Marketing and data analytics

We provide our technology and media clients with guidance on rules relating to direct social media, email, telephone, and postal marketing. We also advise a number of clients who collect and analyse data online, including dealing with issues such as ‘profiling’ and automated decision-making.

Corporate transactions

We advise our clients on a data protection issues associated with corporate transactions, including due diligence disclosures and negotiation of data protection provisions in business and asset sale agreements.