Data Protection & Privacy |
Data Protection & Privacy Law matters which we can assist you with may include: - Data Protection Compliance Audits, Privacy Impact Assessments & Compliance Implementation Plans
Carrying out detailed company-wide assessments or ICO privacy impact assessments of an Organisation’s data processing activities. These are usually carried out by designing relevant questionnaires, interviewing staff, reviewing current policies and procedures and compiling reports setting out compliance levels and recommendations on practical steps that are needed to address areas of risk and best practice
- Compliant data transfer inside and outside the EEA
Advising on how to transfer information internationally by using, for example, the European Standard Contractual Clauses, Binding Corporate Rules, Safe Harbor scheme, consent based transfers or Adequacy Self-Assessment
- Data Retention Audits & Policies
Carrying out company-wide assessments of an Organisation’s data retention needs by designing retention questionnaires, interviewing staff, reviewing current policies and procedures and compiling compliance reports. Drafting Data Retention Schedules to help ensure ongoing compliance on a practical level
- Compliant e-privacy and direct marketing campaigns
Advising on how best to exploit your customer databases without breaching the raft of complex legislation (including the Data Protection Act and Privacy & Electronic Communications Regulations) governing these activities
- Fair Collection Statements, Website Privacy Policies and Health Checks
Drafting or reviewing fair processing information / data collection statements and privacy policies as well as reviewing data collection forms and methods of obtaining compliant opt-in and opt-out consents
- Dealing with the UK Information Commissioner and other EU supervising authorities
Assisting with ICO investigations and minimising risks of enforcement action
- Data Protection policies, handbooks and employment documentation
Drafting and reviewing data protection policies and procedures to ensure compliance with the legislation and best practice where appropriate
- Data Processing Agreements
Where you are a data controller in relation to personal data held and you decide to appoint a data processor to carry out certain business functions for you (for example, payroll activities, contractors, call centres, mailing houses, debt collectors etc.) you are required by law to have a written agreement in place with that processor setting out certain key provisions. We can assist in drafting stand alone agreements, clauses for insertion into your main agreement or side letters where existing contractual arrangements are already in place
- Handling Subject Access Requests and Complaints
Assisting with the handling of and making of subject access requests and complaints in relation to data processing activities
We are happy to discuss provision of a fixed cost data protection helpline service to assist you with your day to day data protection queries
- Procurement of Data Protection compliant systems
Advising on data protection issues associated with the procurement of new business and IT systems
For more information about our experience in these areas of law, please see
the Our Experience page.
Otherwise, please Contact Us to discuss your legal
or consultancy requirements in more detail. |
