Data Protection Compliance

Our practice areas within Information Rights, which are contentious and non-contentious, are: data protection; confidential information; privacy; reputation damage; cybersecurity and freedom of information issues.
 
Our data protection compliance practice focuses on advising businesses & organisations not individuals. We advise businesses operating via a digital platform in complying with data protection laws. In other words, any platform through which a business conducts its affairs online – including its websites, applications for mobile, tablet and other smart devices and application program interfaces. We focus only on information rights within our niche which typically are users of digital platforms and service providers of those platforms as follows:

Data Protection

• Data protection regime
• Data sharing and transactions
• Data breaches, sanctions and enforcement
• Data protection in specific activities
• Data protection regime—DPA 1998

 

Our data protection services include:

 

Advising on all aspects of compliance with the Regulations as they relate to digital businesses specifically:
 

  • Drafting bespoke privacy policies that are GDPR compliant;
  •  

  • Drafting bespoke GDPR compliant data sharing schedules and clauses;
  •  

  • Drafting all types of GDPR compliant privacy notices
  •  

  • Drafting GDPR compliant cookie policies
  •  

  • Cybersecurity, threats and risk management
  •  

  • Database transactions and management
  •  

  • Dealing with civil and criminal investigations by the ICO; and providing advice on Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation
  •  

  • As we focus on businesses and organisations only in respect of the data protection practice area we represent the defendant not the claimant in data protection civil compensation claims. As a business or organisation that collects personal information you should be aware that members of the public can bring a civil action in the county court for damages under the Data Protection Act 2018 if they have suffered damage or distress caused by your breach of any part of the Data Protection Act for compensation. There are no guidelines about how much compensation can be awarded for a claim under the Data Protection Act. It can be as little as between £750 to £1,000 in pre-action settlement or much higher depending on the nature of your case. A recent ruling has also meant that, a person or persons if it is a class action, can claim damages from distress even if there has been no actual loss suffered. If there is a trial the judge will consider all the circumstances, including the seriousness of the breach and the impact on the claimant in awarding damages. The limitation period for making a data protection claim is currently six years.

Related Practice Areas
Confidential information
Database disputes
Reputation management

 

Contact Us

 

“…helpful – concise, very professional… would highly recommend them as a truly professional practice. Thank you for your attention and support….”

Scroll to Top