Data protection and information

Our experienced team advises clients in relation to all aspects of data protection and information law. Our focus is on providing clear, succinct guidance that cuts through the complex framework of the regulations and goes further than straightforward black letter advice.
  • Profile
  • Experience
  • Key contacts

Our team advises on:

  • Cross-border data transfers - drafting intra-group and external data transfer arrangements and coordinating multi-jurisdictional advice.
  • Marketing – advising on privacy issues around online and other channels of direct marketing and compliance with e-Privacy Regulations (including use of social media for marketing).
  • Mobile payment and other applications – advising on the privacy impacts of developing mobile applications, including issues around the use of geo-location data.
  • BYOD – advising on the privacy implications of “bring your own device” initiatives rolled out to employees of large regulated organisations.
  • Privacy policies – drafting and advising on internal (employee) and external (customer) privacy policies and “fair processing notices”.
  • SARs – advising on subject access requests, including as part of employee grievance processes or litigation.
  • FoIA - advising both public sector clients on handling freedom of information requests and on the implications for private sector clients of contracting with public sector bodies.
  • Governance and control – providing strategic advice on data privacy incident management, information security and record retention.

Members of the team have also spent time on client secondments, including to the privacy teams of Barclays Bank and Standard Chartered Bank.

"The team really know what they're doing. They just become part of our team, which I've truly enjoyed"
Chambers UK 2014

Barclays Bank PLC

We advise on a wide range of privacy issues including time on secondment to its Data Privacy Legal team and advising on digital marketing initiatives.

Multi-national life science company

We advise a multi-national life science company on its intra-group data transfer agreements and registrations.

UK Pharma company

We advise UK Pharma company on DP policies and standard operating procedures.

Standard Chartered Bank

We advise Standard Chartered Bank on EU data protection issues.

The Cloud Networks Limited

We advise The Cloud Networks Limited on data retention regulations.

Corporation Service Company

We advise Corporation Service Company on a global privacy programme.

Large US retailer

We advise a large US retailer on the regulatory issues relating to the launch of an e-commerce website in the UK and changes to the ePrivacy Directive.

Affinion International

We advise Affinion International on data protection considerations relating to card protection products and a scheme of redress.

LOVEFiLM

We advised LOVEFiLM on data protection issues relating to its sale to Amazon.

We are also recognised as a leading law firm in the Legal 500 directories.

Lawyer

Jonathan Kirsop Partner

T:  +44 20 7809 2121
M:  +44 7554 403 022 Email Jonathan | Vcard Office:  London

Lawyer

Tom Platts Partner

T:  +65 6622 9641
M:  +65 8233 3245 Email Tom | Vcard Office:  Jakarta, Singapore

Latest news & insights

02 May 2017

From Insights

Data Protection update - April 2017

Data protection coverage this month includes reports that the first EU-US Privacy Shield review is due to take place in September 2017. We also report that the EU cons..

More

28 Mar 2017

From Insights

Data Protection update - March 2017

Data protection coverage this month includes: reports that the Italian Data Protection Office has issued the EU's highest ever fines for a data protection breach and N..

More

28 Feb 2017

From Insights

Data Protection update - February 2017

Data protection coverage this month includes: the approval of Google's model contractual clauses by the EU Commission and the entry into force of the EU-US Umbrella Ag..

More

26 Jan 2017

From Insights

Data Protection update - December 2016 / January 2017

Data protection coverage this month includes: the probable effect of a recent ECJ ruling on the so-called Snooper's Charter and the new draft regulation on privacy and..

More

26 Jan 2017

From Insights

Article 29 Data Protection Working Party GDPR Guidelines on Data Protection Officers

Article 37 of the General Data Protection Regulation introduces the mandatory requirement for certain organisations, including data processors and data controllers ali..

More

26 Jan 2017

From Insights

Article 29 Data Protection Working Party GDPR Guidelines for identifying a data controller or processor’s lead supervisory authority

If a data controller or data processor is carrying out cross-border processing of personal data, Article 56 of the General Data Protection Regulation requires one 'lea..

More

26 Jan 2017

From Insights

Article 29 Data Protection Working Party GDPR Guidelines on Data Portability

Article 20 of the General Data Protection Regulation contains two new and interrelated rights for data subjects.

More

29 Nov 2016

From Insights

Data Protection update - November 2016

Data protection coverage this month includes: the passage of the Investigatory Powers Bill through the Houses of Parliament, challenges to the EU-U.S. Privacy Shield i..

More

29 Nov 2016

From Insights

The EU General Data Protection Regulation fact sheet

A short overview of the EU GDPR including information on the key changes, the effect of Brexit on its application in the UK and steps organisations should be taking no..

More

28 Oct 2016

From Insights

Data Protection update - October 2016

Coverage this month includes: the High Court's ruling on SARs and disclosure of third party data, a US class-action data protection lawsuit, a data breach by a US firm..

More

27 Sep 2016

From Insights

Data Protection update - September 2016

Coverage this month includes: the European Commission report on the E-Privacy Direct consultation, model clauses released by the Singapore regulator, and changes to Wh..

More

31 Aug 2016

From Insights

Data Protection update - August 2016

Coverage this month includes: the European Commission report on the E-Privacy Direct consultation, model clauses released by the Singapore regulator, and changes to Wh..

More

29 Jul 2016

From Insights

Data Protection update - July 2016

Coverage this month includes the adoption of Privacy Shield, a key development in the case of Google v Vidal-Hall and legal issues for Microsoft in the US and France. ..

More

30 Jun 2016

From Insights

Data Protection update - June 2016

Coverage this month includes: our analysis of the result of last week’s EU Referendum, and the effect "Brexit" would have on the data protection landscape in the UK, c..

More

27 May 2016

From Insights

Data Protection update - May 2016

Coverage this month includes: the publication of the General Data Protection Regulation, a Supreme Court ruling on celebrity injunctions, a challenge from the Irish re..

More

28 Apr 2016

From Insights

Data Protection update - April 2016

Coverage this month includes: the adoption of the European General Data Protection Regulation; a useful ruling from the High Court on Subject Access Requests and the i..

More

print-footer
logo
© Stephenson Harwood LLP 2016. Any reference to Stephenson Harwood in this document means Stephenson Harwood LLP and/or its affiliated undertakings. Any reference to a partner is used to refer to a member of Stephenson Harwood LLP.