Data protection and information
  • Related Sectors
  • Related Locations
  • Awards

Data protection and information

Our international data protection team provides practical and commercial advice to clients across a wide range of sectors and jurisdictions. Recognised by legal directories, our team is highly experienced in advising on all aspects of data protection law, covering advisory, transactional, contentious and investigations data privacy issues. Visit our data protection hub to discover more information about data protection hot topics, key legal developments and our expertise and offering.
  • Profile
  • Experience
  • Key contacts

Our experienced team of data protection specialists can assist with:

  • GDPR and data protection law compliance – advising on all aspects of data protection law, including updating contracts and policies for DP law compliance.
  • Cyber security and data breaches – providing strategic advice in relation to data privacy incident management and information security.
  • Data subject rights and freedom of information - responding to data subject access requests and complaints, including as part of employee grievance processes or litigation and drafting procedures, as well as advising on handling freedom of information requests.
  • Direct marketing and cookies – including advising on online/electronic direct marketing, social media and cookies.
  • Cross-border data transfers - drafting and advising on intra-group and external data transfer arrangements and safeguards.
  • Technology and data protection – including advising on privacy issues arising from technologies, including geo-location of mobile payment and apps and on privacy implications of smart devices, employee monitoring, bring your own device and AI.

"The ‘incredibly responsive, personable and efficient’ Stephenson Harwood handles the full gamut of data protection and information law issues."
The Legal 500 UK 2022

International bank

Advised an international bank on its GDPR compliance programme, providing a full suite of services from close involvement in the bank's data mapping exercise, providing a gap analysis on its compliance and producing sets of policies, contracts and procedures to fill the gaps identified to help the client work towards becoming GDPR-compliant.

Listed financial services provider

Advised in relation to a data breach of a payment platform operated by the client, where hackers had gained unauthorised access to the personal data of customers of over 5,000 merchants. This included advising on all aspects of incident response and potential disputes with third parties.

Professional services firm

Advised a professional services firm in relation to various DSAR compliance requirements and data subject requests in its contractual arrangements and standard terms.

DIFC data protection law 2020

Advised the Dubai branch of an international bank, and several other DIFC based/incorporated companies, on compliance with the DIFC data protection law 2020, including advice on filing requirements, processes, content of privacy policies, the appointment of a data protection officer and employment contract updates.

Financial institution

Advised a financial institution in Hong Kong on a data breach incident allegedly caused by the negligence of a third party service provider.

Online beauty retailer

Advised one of Europe's largest online beauty retailers on their GDPR compliance project including their direct marketing activities.

Analytics company

Advised an international analytics company on its response to the Schrems II case, including its intra-group transfers and transfer of client data to the US. 

Australian company

Advised on its complex onward transfer issues of EU personal data from the company in Australia to other jurisdictions and the impact of the Schrems II judgment.

Leading property developer

Advised on updates required to its UAE privacy policy to allow for potential transfers of consumer data between several Middle East jurisdictions, India and the UK.

Leading pharma company

Provided data privacy advice and drafted terms for healthcare apps for a leading pharma company including considering related information security and data privacy points.

Luxury goods and retail brands

Advised a luxury goods brand and a retail brand on its use of adtech, cookies and tracking pixels.

Lawyer

Katie Hewson Partner

T:  +44 20 7809 2374
M:  Email Katie | Vcard Office:  London

Lawyer

Naomi Leach Partner

T:  +44 20 7809 2960
M:  +44 7769 143 367 Email Naomi | Vcard Office:  London

Lawyer

Tom Platts Partner

T:  +65 6622 9641
M:  +65 8233 3245 Email Tom | Vcard Office:  Jakarta, Singapore

Lawyer

Sheetal Sandhu Partner at Virtus Law

T:  +65 6661 6523
M:  +65 9114 9920 Email Sheetal | Vcard Office:  Singapore

Lawyer

Ben Sigler Partner

T:  +44 20 7809 2919
M:  +44 7584 237 401 Email Ben | Vcard Office:  London

Latest news & insights

09 Mar 2023

From Insights

Take two: What's new in the Latest UK Data Protection and Digital Information Bill?

After a rather stop start journey, a new Data Protection and Digital Information (No. 2) Bill was introduced to Parliament on 8 March 2023 by the Department for Scienc..

More

03 Mar 2023

From Insights

Data Protection update – February 2023

Welcome to the Stephenson Harwood Data Protection bulletin, covering the key developments in data protection law from February 2023.

More

01 Mar 2023

From Insights

PRC law alert – New legislation on export of personal information 中国法律更新 - 关于个人信息出境的新立法

On 24 February 2023, the Cyberspace Administration of China (CAC) officially published the Measures on the Standard Contract for Export of Personal Information (Measur..

More

06 Feb 2023

From News

Stephenson Harwood enhances technology practice with two new partners

Law firm Stephenson Harwood LLP has strengthened its technology practice with the arrival of two new dispute resolution partners, Michael Bywell and Peter Dalton.

More

02 Feb 2023

From Insights

Data Protection update – December 2022-January 2023

Welcome to our data protection bulletin, covering the key developments in data protection law from December 2022 and January 2023.

More

12 Dec 2022

From News

Katie Hewson wins Privacy Leader of the Year at PICCASO Privacy Awards

Stephenson Harwood data protection partner Katie Hewson has won the 'Privacy Leader of the Year: Legal​' award at the inaugural PICCASO Privacy Awards.

More

02 Dec 2022

From Insights

Data Protection update – November 2022

Welcome to our data protection bulletin, covering the key developments in data protection law from November 2022.

More

02 Nov 2022

From Insights

Data Protection update – October 2022

Welcome to our data protection bulletin, covering the key developments in data protection law from October 2022.

More

04 Oct 2022

From Insights

Data Protection update – September 2022

Welcome to our data protection bulletin, covering the key developments in data protection law from September 2022.

More

31 Aug 2022

From Insights

Data Protection update - August 2022

Welcome to our data protection bulletin, covering the key developments in data protection law from August 2022.

More

05 Aug 2022

From Insights

Data Protection update - July 2022

Welcome to our data protection bulletin, covering the key developments in data protection law from July 2022.

More

19 Jul 2022

From Insights

DCMS AI Policy Statement

On 18 July DCMS issued a Policy Statement and call for views and evidence on the governance and regulation of AI.

More

12 Jul 2022

From Insights

International employee DSARS - Practical tips for UK employers

n a recent article for Thomson Reuters PLC Magazine, partner Katie Hewson, associate Kate Ackland, trainee Joseph Samuelson and solicitor apprentice Jake Saville discu..

More

12 Jul 2022

From Insights

Businesses operating in Hong Kong providing services to individuals in Mainland China: Personal data issues to consider 为中国大陆人士提供服务的香港企业:需要考虑的个人资料问题

The Personal Information Protection Law, which took effect on 1 November 2021, is Mainland China's first piece of legislation that relates entirely to data protection ..

More

07 Jul 2022

From Insights

Data Protection update - June 2022

Welcome to our data protection bulletin, covering the key developments in data protection law from June 2022.

More

01 Jun 2022

From Insights

Data Protection update - May 2022

Welcome to our data protection bulletin, covering the key developments in data protection law from May 2022.

More

print-footer
logo
© Stephenson Harwood LLP 2016. Any reference to Stephenson Harwood in this document means Stephenson Harwood LLP and/or its affiliated undertakings. Any reference to a partner is used to refer to a member of Stephenson Harwood LLP.