Data protection and information

Katie has significant experience of advising on data protection issues and provides data privacy assistance to clients such as global banks and professional services firms. She has advised a wide range of clients on the implementation of the GDPR and she has also helped clients successfully deal with ICO enforcement on potential data protection and freedom of information law breaches and breach reporting.

Global bank

Katie led an international bank's EU GDPR compliance programme, providing a full suite of services from close involvement in the bank's data mapping exercise, providing a gap analysis on its compliance and producing sets of policies, contracts and procedures to fill the gaps identified to help the client ensure that it became GDPR-compliant. She also considered the impact of the GDPR on the bank's offices outside of the EEA and on the need to appoint a DPO and provided advice on how the relevant regulatory requirements interacted with the GDPR.

Pensions scheme actuarial and administration services provider

Katie was one of a team running the negotiations for this client's extremely large GDPR remediation exercise, which involved amending over 3000 contracts with the client's customers. Katie liaised with the customers and their lawyers to agree the amended terms to ensure full compliance with the GDPR requirements for contracts between controllers and processors. This enhanced Katie's data protection expertise in the pensions sphere, including her understanding of the particular data protection issues that arise for trustees and actuaries/administrators.

High street clothing retailer

Katie carried out an analysis of the actions required for GDPR compliance for the retailer's employee and customer personal data, and drafted appropriate policies, fair processing notices and international transfers documentation. This was particularly critical in an organisation that does a great detail of individual customer-facing business, and Katie worked with people in a variety of teams at the retailer (including Sales, HR and their online store), to map their data processing activities and requirements.

Builder of international cruise liners

Katie carried out an analysis of the personal data stored on board cruise ships (such as on crew lists) and the issues relating to data sharing when this personal data was passed to ship purchasers upon sale of the ship. She drafted appropriate contractual protections accordingly, including dealing with international transfers of data when a ship was flagged to a non-EU Member State. Katie also analysed the impact of the GDPR on the shipbuilder's existing personal data procedures. This matter further expanded Katie's experience of analysing personal data in a wide variety of situations.

Food retail company

Katie advised on a complaint to the ICO by a customer alleging a potential breach of data protection law. She corresponded with the ICO and communicated the steps that the client had taken to address the issue, and the complaint was taken no further. This further boosted Katie's experience in dealing with the data protection regulator and in successfully resolving issues and investigations for clients.

More: Data protection and information

Commercial, outsourcing and technology

Katie provides broad commercial contracts and consumer law advice to clients in a range of sectors, including financial services, leisure and retail.

International airline

Katie has advised this client on several commercial contracts relating to the servicing of its aircraft, in particular for the supply of maintenance services, which is essential to the daily operation of the airline. She has also reviewed contracts for the purchase of disaster recovery and crisis management services.

Luxury hotel

Katie has provided advice to a luxury hotel in London on several of its contracts for goods and services and on its risks relating to the security of guests' possessions.

National Museum Authority

Katie drafted a series of template contracts covering a whole range of activities undertaken by the authority, including commissioning work, putting on exhibitions, hiring contractors, loaning and being loaned pieces, being gifted pieces and producing merchandise for the museum gift shop. The work involved dealing with the commercial implications of, and mitigating the risks involved in, the authority's business.

Food and drink manufacturer

Katie drafted a sponsorship agreement for a large client to use to cover its sponsorship of several running events. She gained experience in protecting the client, particularly in relation to it controlling how it would be promoted both before and at each race.

More: Commercial, outsourcing and technology

Art and cultural property

Katie has advised several clients in the arts sector on commercial and data privacy law. In particular, she has assisted a variety of fine art dealers with their sales and purchases, and has advised auction houses on commercial law. She also helped a London theatre company successfully resolve Freedom of Information law enforcement action by the Information Commissioner's Office.

National Museum Authority

Katie drafted a series of template contracts covering a whole range of activities undertaken by the authority, including commissioning work, putting on exhibitions, hiring contractors, loaning and being loaned pieces, being gifted pieces and producing merchandise for the museum gift shop. The work required a deep knowledge of the functioning of museums and art galleries and involved dealing with the commercial and intellectual property implications of, and mitigating the risks involved in, the museum's day to day business.

Art advisory and investment services company

Katie drafted an art advisory and managed art portfolio agreement for one of the client's customers, a high profile investment fund in the fine art sector. In her drafting, Katie used her experience to protect the client against the risks inherent in the services it offered, such as auction guarantee broking and due diligence on provenance and title of works of art.

Commission for public artworks

Katie negotiated and re-drafted commissioning agreements for two very high profile public works of art from a world-class artist. The drafting was particularly complex in relation to the merchandising and image rights over the works; and Katie also had to consider the requirements for safety and maintenance since the works were to be located in public areas.

Purchase of medieval artefact

Katie acted on the sale of a set of manorial court rolls, which are a set of historically significant artefacts dating from the 13th to the 20th century and were being sold by the Lord of the Manor to a local authority. Katie carried out due diligence for the authority to establish authenticity and title, and drafted the sale and purchase documentation, as well as facilitating the sale itself. Katie also liaised with the Heritage Lottery Fund on its requirements in relation to its partial funding of the purchase.

Art dealer 

Katie advised on the back to back sale and purchase of, and related escrow arrangements for, a significant work of art worth several million pounds. Katie drafted appropriate protections for the dealer when drafting the terms of sale, and advised on insurance, consignment and title provisions. 

More: Art and cultural property

Technology

Professional services firm

Katie acted for a large professional services firm on the negotiation of a high value contract for billing software, which was key to the client's profitability.

Rail company

Katie advised on drafting a software licence for a train company in connection with its provision of smart ticketing services.

Online design start-up

Katie acted for a start-up design company in drafting the terms of website use, terms of online sale and privacy and cookies policies.

Healthcare provider

Katie reviewed the contractual framework of the IT of a target healthcare company on behalf of the purchaser, and drafted appropriate contractual protections to be put in place in the purchase agreement.

Pharmaceutical client

Katie drafted terms of use for a urology app for a leading pharma company and considered related information security and data privacy points.

Domain services provider

Katie advised a domain services provider on the data privacy implications of its proposed launch of a new project and on the implications of the GDPR.