Data protection and information

Our experienced team advises clients in relation to all aspects of data protection and information law. Our focus is on providing clear, succinct guidance that cuts through the complex framework of the regulations and goes further than straightforward black letter advice.
  • Profile
  • Experience
  • Key contacts

Our team advises on:

  • Cross-border data transfers - drafting intra-group and external data transfer arrangements and coordinating multi-jurisdictional advice.
  • Marketing – advising on privacy issues around online and other channels of direct marketing and compliance with e-Privacy Regulations (including use of social media for marketing).
  • Mobile payment and other applications – advising on the privacy impacts of developing mobile applications, including issues around the use of geo-location data.
  • BYOD – advising on the privacy implications of “bring your own device” initiatives rolled out to employees of large regulated organisations.
  • Privacy policies – drafting and advising on internal (employee) and external (customer) privacy policies and “fair processing notices”.
  • SARs – advising on subject access requests, including as part of employee grievance processes or litigation.
  • FoIA - advising both public sector clients on handling freedom of information requests and on the implications for private sector clients of contracting with public sector bodies.
  • Governance and control – providing strategic advice on data privacy incident management, information security and record retention.

Members of the team have also spent time on client secondments, including to the privacy teams of Barclays Bank and Standard Chartered Bank.

"The team really know what they're doing. They just become part of our team, which I've truly enjoyed"
Chambers UK 2014

Barclays Bank PLC

We advise on a wide range of privacy issues including time on secondment to its Data Privacy Legal team and advising on digital marketing initiatives.

Multi-national life science company

We advise a multi-national life science company on its intra-group data transfer agreements and registrations.

UK Pharma company

We advise UK Pharma company on DP policies and standard operating procedures.

Standard Chartered Bank

We advise Standard Chartered Bank on EU data protection issues.

The Cloud Networks Limited

We advise The Cloud Networks Limited on data retention regulations.

Corporation Service Company

We advise Corporation Service Company on a global privacy programme.

Large US retailer

We advise a large US retailer on the regulatory issues relating to the launch of an e-commerce website in the UK and changes to the ePrivacy Directive.

Affinion International

We advise Affinion International on data protection considerations relating to card protection products and a scheme of redress.

LOVEFiLM

We advised LOVEFiLM on data protection issues relating to its sale to Amazon.

We are also recognised as a leading law firm in the Legal 500 directories.

Lawyer

Naomi Leach Partner

T:  +44 20 7809 2960
M:  +44 7769 143 367 Email Naomi | Vcard Office:  London

Lawyer

Tom Platts Partner

T:  +65 6622 9641
M:  +65 8233 3245 +95 94 2651 1218 Email Tom | Vcard Office:  Jakarta, Singapore

Lawyer

Ben Sigler Partner

T:  +44 20 7809 2919
M:  +44 7584 237 401 Email Ben | Vcard Office:  London

Latest news & insights

13 Sep 2021

From Insights

The ICO calls for views on data protection and employment practices

The ICO has launched a call for views on data protection and employment practices to help shape a new user-friendly resource (the "New Resource") to replace the ICO's ..

More

06 Sep 2021

From Insights

Data Protection update - August 2021

Welcome to our Data Protection bulletin, covering the key developments in data protection law from August 2021.

More

13 Aug 2021

From Insights

Data's coming home: the proposed future for international transfers under the UK GDPR

On 11 August 2021, the Information Commissioner's Office ("ICO") published a consultation on its long-awaited draft guidance for international transfers of personal da..

More

02 Aug 2021

From Insights

Data Protection update - July 2021

Welcome to our Data Protection bulletin, covering the key developments in data protection law from July 2021.

More

01 Jul 2021

From Insights

Data Protection update - June 2021

Welcome to our Data Protection bulletin, covering the key developments in data protection law from June 2021.

More

10 Jun 2021

From Insights

Map, Update, Remediate

On 4 June 2021, the European Commission adopted new standard contractual clauses for transfers of personal data to third countries (“New SCCs”), which are set to come ..

More

02 Jun 2021

From Insights

Data Protection update - May 2021

Welcome to our Data Protection bulletin, covering the key developments in data protection law from May 2021.

More

25 May 2021

From Insights

Data protection and coronavirus: what you need to know

It is undoubtedly a challenge for organisations to manage data protection and privacy risks while also responding to the threats posed by Covid-19.

More

04 May 2021

From Insights

Data Protection update - April 2021

Welcome to our Data Protection bulletin, covering the key developments in data protection law from April 2021.

More

06 Apr 2021

From Insights

Data Protection update - March 2021

Welcome to our Data Protection bulletin, covering the key developments in data protection law from March 2021.

More

04 Mar 2021

From Insights

Amendments to Personal Data Protection Act

On 1 February 2021, certain key amendments to the Personal Data Protection Act 2012 ("PDPA"), as well as accompanying subsidiary regulations, came into force.

More

02 Mar 2021

From Insights

Data Protection update - February 2021

Welcome to our Data Protection bulletin, covering the key developments in data protection law from February 2021.

More

03 Feb 2021

From Insights

Data Protection update - January 2021

Welcome to our Data Protection bulletin, covering the key developments in data protection law from December 2020 and January 2021.

More

07 Jan 2021

From Insights

Data protection and 5MLD

The Fifth Money Laundering Directive (5MLD) came into force on 10 January 2020 and imposes on art market participants a new obligation to carry out a range of due dili..

More

29 Dec 2020

From Insights

Brexit trade deal: what does it mean for data protection law?

The UK and the EU have agreed a Brexit trade deal, the draft EU-UK Trade and Cooperation Agreement ("Agreement").

More

18 Dec 2020

From Insights

Appropriate technical and organisational measures: key takeaways from the recent ICO BA, Marriott and Ticketmaster penalty notices

The ICO has recently issued three high profile MPNs in relation to breaches of Articles 5(1)(f) and 32 GDPR.

More

print-footer
logo
© Stephenson Harwood LLP 2016. Any reference to Stephenson Harwood in this document means Stephenson Harwood LLP and/or its affiliated undertakings. Any reference to a partner is used to refer to a member of Stephenson Harwood LLP.