Data Protection Compliance

Privacy and Data Protection

“…helpful – concise, very professional… would highly recommend them as a truly professional practice. Thank you for your attention and support….”


All Practice Areas

Contentious and Non-Contentious

  • GDPR
  • Confidential Information
  • Privacy
  • Reputation Damage
  • Cybersecurity and freedom of information issues
  • List item

GDPR Compliance

Our primary focus within information rights law is GDPR compliance. The GDPR practice focuses on advising businesses, organisations and consumers.

We advise businesses operating online and offline in complying with GDPR laws.

Our GDPR compliance specialisation is in relation to users of digital platforms and service providers of those platforms as follows:

Read more about our GDPR practice

Focus Areas


  • GDPR regime
  • Data sharing and transactions
  • Data breaches, sanctions and enforcement
  • GDPR in specific activities
  • GDPR regime—DPA 2018

Our GDPR services include:

Advising on all aspects of compliance with the Regulations as they relate to digital businesses specifically:

  • Bespoke privacy policies that are GDPR compliant
  • Tailored GDPR compliant data sharing schedules and clauses
  • All types of GDPR compliant privacy notices
  • GDPR compliant cookie policies
  • Cybersecurity, threats and risk management
  • Database transactions and management
  • Dealing with civil and criminal investigations by the ICO
  • Providing advice on Guidance from the UK Information Commissioner’s Office (ICO)
  • We represent claimant or defendant in civil compensation claims.


  • Under the GDPR Act 2018, if consumers have suffered damage or distress, they can claim for compensation.

  • There are no guidelines about how much compensation for a claim under the GDPR Act. It can be as little as between £750 to £1,000 in pre-action settlement or much higher depending on the nature of your case. A recent ruling has also meant that a person or persons if it is a class action, can claim damages from distress even if there has been no actual loss suffered.

  • If there is a trial, the judge will consider all the circumstances, including the seriousness of the breach and the impact on the claimant in awarding damages.



The limitation period for making a GDPR claim is currently six years.



We are a full-service information rights and intellectual property law practice focused on digital media projects. For a consultation with us use our contact form or email Our sole principal Peter Adediran is a UK licensed lawyer, therefore focuses on UK and EU. Our consultant Richard Jefferson is a California licensed lawyer, therefore advises on US and Californian law.

Scroll to Top