Firms To Watch: Data protection, privacy and cybersecurity

Founded in 2022 by Phil Lee, formerly at Fieldfisher, Digiphile’s specialist UK and EU data protection and cybersecurity practice acts for global technology companies, handling compliance, commercial, and cybersecurity risk management issues.

Data protection, privacy and cybersecurity in London

Bird & Bird LLP

Noted for its ‘excellent experience and knowledge,’ the data protection and privacy team at Bird & Bird LLP acts for a wide range of market-leading clients on an international basis, with particular expertise in the technology, pharmaceuticals, media, and telecoms sectors. Ruth Boardman leads the practice and has extensive experience advising on the full range of data privacy issues, including dealings with data protection authorities and personal data breaches. Gabriel Voisin handles international data transfers and compliance projects. ‘Highly knowledgeable‘ legal director Elizabeth Upton is a key name for GDPR compliance and international data transfers, while senior associate Alex Jameson has a broad practice that covers compliance, employment-adjacent privacy matters, and novel issues such as AI. The team strengthened its enforcement, regulatory, and investigations practice with the March 2023 arrival of James Moss, the former legal director of regulatory enforcement at the ICO. Former practice co-head James Mullock left the firm in April 2023.

Praxisleiter:

Ruth Boardman


Weitere Kernanwälte:

Gabriel Voisin; Elizabeth Upton; James Moss; Alex Jameson


Referenzen

‘The level of the advice is exceptional, based on a deep understanding of our segment of the market – tech and privacy. I work mostly with Gabriel Voisin and Alex Jameson. Their advice is spot on with practical and efficient solutions.’

‘Alex Jameson, albeit young, has a lot of practical and spot-on advice in our tech field.’

‘B&B is a specialised technology and data protection law firm with excellent experience and knowledge of the technology sector.’

Bristows LLP

Bristows LLP‘s full-service offering runs the gamut of transactional, advisory, and contentious data privacy, protection, and cybersecurity issues, handling high-profile data breaches, litigation, and global compliance matters for blue-chip international technology and life sciences clients. Practice head Mark Watts has an ‘effortless mastery of the subject‘ and is recommended for his expertise in global compliance projects and regulatory litigation, while Marc Dautlich advises clients in the life sciences sector on the full range of data protection issues and cyber incidents. Hannah Crowther was promoted to the partnership in May 2023 and tackles high-profile contentious matters before UK and European data protection authorities. At the senior associate level, key names include Jamie Drucker, noted for his ‘impressive grasp of detail and technical law’, and Faye Harrison, who handles privacy compliance programmes and strategy.

Praxisleiter:

Mark Watts


Weitere Kernanwälte:

Jamie Drucker; Hannah Crowther; Marc Dautlich; Faye Harrison; Christopher Millard


Referenzen

‘There are two individuals that stand out. The first is the partner Mark Watts. Effortless mastery of the subject and stakeholder management. The second is the senior associate Jamie Drucker. Really skilled and knowledgeable and an all round nice guy who is always willing to help.’

‘Mark Watts is an excellent lawyer to work with. He is very practical with his advice and he adapts as necessary to the style of his clients.’

‘Our go-to external firm for complex data privacy issues. We have instructed them for a number of years and have found their service to date to be faultless.’

Kernmandanten

Coalition for Epidemic Preparedness Innovations


Google


Twitter, Inc.


Meta Inc. (WhatsApp, Facebook, Instagram)


Costello Medical


General Electric


McKinsey Consulting


WarnerBrosDiscovery


Highlight-Mandate


  • Advising Twitter regarding its acquisition by Elon Musk.
  • Advising WarnerBrosDiscovery in connection with integration activity.
  • Advising General Electric in connection with its Binding Corporate Rules.

Dentons

Offering ‘excellent, industry informed, advice that is practical and strategic in nature,’ the team at Dentons is regularly instructed by major multinationals on the full spectrum of data privacy, protection, and cybersecurity issues. The team, which benefits from the firm’s wider international network, has particular strength in new and developing technologies and is adept at advising on emerging AI and tech data privacy regulation, and also has a strong data breach response practice. Simon Elliott now heads the team and leads on large-scale and high-profile regulatory investigations and class action litigation, while founding partner and former practice head Nick Graham is recommended for his expertise in multi-jurisdictional data privacy matters. On the cybersecurity side, Antonis Patrikios handles multijurisdictional data breach responses as well as cybersecurity compliance and incident preparation plans.

Praxisleiter:

Simon Elliott


Weitere Kernanwälte:

Nick Graham; Antonis Patrikios


Referenzen

‘Very collaborative and easy to work with. Always ready with a pragmatic risk-based solution.’

‘Nick Graham is the standout partner. Always a pleasure to work with. Great depth of knowledge and a welcome calm, wise presence in difficult situations.’

‘The team provides excellent, industry informed advice that is practical and strategic in nature.’

Kernmandanten

Avis Budget Group


Virgin Atlantic


Avania Investments


John Lewis Partnership


Meta


Global Payments


RealtimeBoard (Miro)


Dentsu


TopGolf


Bain


Highlight-Mandate


  • Sole global privacy and cyber counsel to Avis Budget Group, advising on all aspects of global data protection compliance and related issues.
  • Embedded into Virgin Atlantic’s data privacy operations to provide strategic and operational support across the full range of data privacy issues facing the company.

Fieldfisher

Fieldfisher‘s data privacy, security, and information team acts for clients across a broad range of sectors, including financial services, health and life sciences, and tech. Counting start-ups and large multinationals alike among its clients, the team handles compliance, commercial data contracts, and cyber incident responses on a multi-jurisdictional level. Hazel Grant heads the team and has particular expertise in international data transfers, global data compliance projects, and data audits, while Renzo Marchini handles data breach responses and subject access disputes. Director Nuria Pastor is dual-qualified in England and Wales and Spain, and is a key name for regulatory queries and data export strategies. 2022 saw the departures of Phil Lee, now at Digiphile, and Eleonor Duhs, now at Bates Wells.

Praxisleiter:

Hazel Grant


Weitere Kernanwälte:

Nuria Pastor; Renzo Marchini; Leonie Power


Referenzen

‘Well rounded capacities and knowledge of the industry.’

‘Nuria Pastor and Renzo Marchini stand out as great support with pragmatic advice and a great understanding of our industry.’

‘The practical approach, the understanding of the needs of different sectors, good understanding of technology, timely responses.’

Kernmandanten

dunnhumby Limited


Mitsubishi Tanabe Pharma


Free Now


Hasbro and Wizards of the Coast (WotC)


Ancestry Ireland Unlimited


Deltatre Limited


Peloton Interactive, Inc.


Highlight-Mandate


  • Providing ongoing advice to dunnhumby in relation to its UK and EU privacy needs.
  • Advising Hasbro Inc, the household name behind brands such as Monopoly, Wizards of the Coast (WotC) and Furby, on its ongoing GDPR compliance.
  • Supporting Mitsubishi Tanabe Pharm as a data protection officer (DPO) client.

Hogan Lovells International LLP

Hogan Lovells International LLP‘s privacy and cybersecurity team consists of ‘true data protection practitioners‘ and has ‘extensive knowledge of the law‘, with significant transatlantic capabilities. The team has particular strength across the tech, e-commerce, life sciences, and financial services sectors, advising international household names on high-profile and critical contentious and non-contentious issues, including emerging areas including biometrics and AI. The highly rated and ‘hugely knowledgeableEduardo Ustaran oversees the practice and is adept at handling both advisory work and litigation, having extensive experience representing major multinational corporations in regulatory investigations, enforcement proceedings, and high-profile litigation. Nicola Fulford is the key name for international data transfers, privacy policies, and compliance strategies.

Praxisleiter:

Eduardo Ustaran


Weitere Kernanwälte:

Nicola Fulford


Referenzen

‘Good strength in depth and international support available.’

‘Eduardo Ustaran is hugely knowledgable and has a great presence with senior client representatives.’

‘The team are true data protection practitioners who not only have extensive knowledge of the law but are able to apply it in a pragmatic and commercial way. They are also very responsive and great to work with.’

Kernmandanten

Wix


Salesforce


AmerisourceBergen Corporation


Verizon


BDO


Sotheby’s


NCS Pearson


Highlight-Mandate


  • Advised Salesforce.com on a broad range of compliance and commercial issues relating to privacy and cybersecurity, including its strategy to comply with Schrems II and the implementation of Processor Binding Corporate Rules (BCR) in the EU and the UK.
  • Advising BDO, the fifth largest accounting network globally, on the adoption, authorisation and implementation of BCR, including managing the approval process and engaging with regulatory authorities.
  • Assisted NCS Pearson, a US-based company that develops and markets enterprise application software, with cutting-edge strategic and operational advisory work, including the use of biometrics, AI and the worldwide roll out of palm vein technology.

Linklaters LLP

Equally adept at handling contentious and non-contentious mandates, the ‘exceptional’ data privacy team at Linklaters LLP routinely handles significant global compliance projects, regulatory investigations and enforcement actions, and high-profile data breaches for an impressive roster of clients. ‘Senior statesmanRichard Cumbley oversees the practice and has a strong contentious practice, handling large-scale privacy litigations and appeals before regulatory authorities. Fielding a deep and accomplished bench of specialists, the team also includes Georgina Kon, who takes point on cybersecurity matters and handles international cyber and privacy-related regulatory investigations, Harriet Ellis, an experienced litigator with a particular focus on collective actions, as well as Greg Palmer, who was elevated to the partnership in May 2023. At the associate level, the ‘excellent and extremely knowledgeablePatrick O’Connell acts for public bodies and private companies on data management, and has particular expertise in gambling-related privacy issues. Counsel Alaister Johnson is also recommended.

Praxisleiter:

Richard Cumbley


Weitere Kernanwälte:

Georgina Kon; Alaister Johnson; Patrick O’Connell; Ben Packer; Peter Church; Harriet Ellis; Greg Palmer


Referenzen

‘Linklaters have great global reach and are pushing outwards in terms of the services they are offering. They seem to be adding a lot of strength in depth in this field at the moment. Senior statesmen like Richard Cumbley are backed up by a great generation of new and emerging talent.’

‘The people are great – very accessible, excellent client management and pragmatic advice.’

‘Patrick O’Connell is excellent and extremely knowledgeable. His advice is always on-point and commercially minded. Patrick is approachable, friendly and very professional. Cannot recommend Patrick enough.’

Kernmandanten

Experian


Highlight-Mandate


  • Advised Experian, a leading global information service company and credit ratings agency, on one of the most significant UK data protection appeals to date.
  • Advising a major social media platform on regulatory engagement with the UK Information Commissioner and related privacy civil litigation.
  • Advising one of the world’s largest temporary staffing providers: on a ransomware attack affecting its business in more than 15 countries.

Baker McKenzie

Noted for its ‘impressive depth of knowledge and experience‘, the data protection, privacy and information security practice at Baker McKenzie counts market-leading tech companies, financial services providers, and retail sector clients among its clients. With notable strength in advising on the data protection aspects of corporate transactions, the team also handles cybersecurity work, including data breaches and incident responses. Practice head Paul Glass advises on data breaches, emerging technologies, and regulatory enforcement and has a strong technology disputes practice. In October 2022, the team was bolstered by the arrival of Vinod Bange, former practice head at Taylor Wessing LLP and a seasoned data protection specialist who advises clients from the tech, fintech, and life sciences sectors on the full spectrum of data protection matters. Julia Wilson is the key contact for employment-related data privacy matters.

Praxisleiter:

Paul Glass


Weitere Kernanwälte:

Vinod Bange; Julia Wilson; Joanna de Fonseka


Referenzen

‘We appreciate their impressive depth of knowledge and experience and find the advice they provide clear and practical. The team also makes great effort to be available.’

‘Julia Wilson and Joanna de Fonseka are both extremely knowledgeable and bring a practical, commercial approach to their advice. Julia has a very good understanding of the complexities and challenges of our group and tailors her advice accordingly. Joanna has a quietly assured manner which engenders trust and confidence on the client side.’

‘Baker McKenzie have the strength of sheer market reach, but also starting to add a tech-forward, innovation-focussed spin to their practice. BM are providing great thought leadership in the emerging tech areas, which is very important to us.’

Clifford Chance LLP

Leveraging the firm’s broader transactional, contentious, and commercial capabilities, the data privacy and cybersecurity team at Clifford Chance LLP handles complex, cross-border work for a diverse group of clients spanning numerous sectors including financial services, consumer goods, and the automotive industry. The team is jointly headed by Jonathan Kewley and the ‘fiercely intelligentSimon Persoff. Kewley has a broad practice with particular strength in data protection work for global corporations, while Persoff handles cybersecurity and banking secrecy mandates. On the contentious side, Samantha Ward represents financial institutions and large corporates in regulatory investigations, in addition to advising on cyber incident response planning, while Kate Scott handles civil claims as well as advising on risks related to emerging tech. At the associate level, Herbert Swaniker advises on data-related advisory and transactional matters with a focus on emerging tech including AI, fintech, and data ethics.

Praxisleiter:

Jonathan Kewley; Simon Persoff


Weitere Kernanwälte:

Herbert Swaniker; Kate Scott; Samantha Ward; Claudia Hall; Adam Hunter


Referenzen

‘The team has grown significantly in the last two years and is now one of the strongest on the market. They regularly act for some of the world’s largest companies, dealing with multiple complex issues.’

‘Jonathan Kewley is one of the top technology lawyers in the UK. He is widely respected and has built an impressive team in the last few years. Simon Persoff is fiercely intelligent and has an encyclopaedic knowledge of data protection law. He brings enormous drive and dedication to all his mandates. Herbert Swaniker is a rising star. Loved by clients, he combines great intelligence with equal affability.’

‘Strong collaborative team, working well together.’

Kernmandanten

Citi


Wells Fargo


HSBC


Standard Chartered Bank


Nedbank


PNC Bank


Permira


Partners Group


Cerberus


Blackstone


News Group Newspapers Limited


Fujitsu


Rio Tinto


Viatris


C&C Group plc


GoDaddy


PrimaryBid


LZ Labs


Specialized Bicycles


Mileway


UK Finance


TheCityUK International Regulatory Strategy Group


TechUK


Stop the Traffik


Save the Children


Zero Waste


Business and Human Rights Lawyers Association


Reprieve


Sparkle Malawi


Social Business Trust


Advocates for International Development (A4ID)


Highlight-Mandate


  • Advising HSBC on its acquisition of Silicon Valley Bank UK, on the data protection, banking secrecy, material outsourcing and transitional services aspects of the transaction.
  • Advising a U.S.-headquartered technology company on a range of global and regional data law mandates.
  • Advising a global leader in the automotive industry on a range of data protection, privacy, and technology transformation projects.

CMS

The data, privacy, and cybersecurity practice at CMS leverages the firm’s international network to provide a strong offering with particular strength in multi-jurisdictional regulatory investigations, data protection litigation, and global compliance projects. Regularly instructed by international organisations as well as large multinational corporates across a wide range of industries, the team also advises on international data transfers and emerging technologies. Overseeing the team is Emma Burnett, whose practice focuses on data protection, tech, and outsourcing, particularly in the context of commercial agreements. Loretta Pugh also handles data protection matters and has a strong cybersecurity practice covering incident response planning and breach advice. The ‘first rate’ Duncan Turner leads the Scotland team and is also recommended.

Praxisleiter:

Emma Burnett


Weitere Kernanwälte:

Loretta Pugh; Duncan Turner


Referenzen

‘We work with Duncan Turner. Duncan is a superb lawyer, extremely practicable, reassuring and has a great feel for the negotiating positions of both sides. He also has a first-rate data protection background.’

‘For me, the CMS team’s greatest strength is their understanding of our company’s risk appetite and their ability to find solutions that are legally sound and reflective of our risk tolerance.’

‘Emma Burnett is able to simplify complicated issues to make them easily digestible for a non-legal audience.’

Kernmandanten

Xiaomi


Balfour Beatty Pension Fund Trustee


Octopus Energy


Instadeep


Highlight-Mandate


  • Advised a large multinational streaming service provider to the implementation of a new ad-supported tier within its platform and the related processing particularly in relation to children.
  • Advising a large e-commerce company on the roll out of its revolutionary instore automated retail technology which involved the collection of substantial personal information.

DLA Piper

Large multinational corporations and public sector clients regularly instruct DLA Piper on high-profile mandates concerning legislative reform, emerging technologies and regulation, and multi-jurisdictional cyber incident responses. Ross McKean leads the practice and is recommended for his global data governance and compliance expertise. Andrew Dyson, in Leeds, advises governmental bodies, international organisations, and corporates on policy matters and data breach responses. On the cybersecurity front, the team has seen a notable increase in work related to cyberattacks and cyber resilience. A key name here is Manchester’s David Cook, who was elevated to the partnership in May 2023; his practice has an exclusive focus on contentious cybersecurity and data protection matters, handling civil, criminal, and regulatory litigation matters, as well as internal investigations.

Praxisleiter:

Ross McKean


Weitere Kernanwälte:

Andrew Dyson; David Cook


Referenzen

‘The team is friendly, accessible – always ready to help with any query (both at Legal Director and Partner level).’

The practice has also created an innovative tool to assist with consistently rating and documenting risks associated with international transfers which is incredibly helpful.’

‘I work frequently with Andrew Dyson, he is an expert in this field and is also very pragmatic and responsive and always makes time to discuss queries.’

Kernmandanten

Chubb Insurance Group SE


NHS England


Information Commissioner’s Office


Department for Digital Culture Media and Sport (DCMS)


Office for AI (UK Government)


Aon plc


IPSA


SolarWinds


Reckitt Benckeiser


Emirates


Highlight-Mandate


  • Engaged by the Office for AI to provide in depth analysis on the current and prospective legal framework the UK to regulate the use of AI.

Eversheds Sutherland (International) LLP

The privacy and cybersecurity team at Eversheds Sutherland (International) LLP acts for public bodies and UK and multinational corporates on matters concerning international data transfers, data breach incidents, and large-scale litigation. Paula Barrett, head of the practice, is ‘ preeminent in her detailed yet practical advice‘ and is regularly instructed on international compliance programmes, regulatory investigations, and incident response, with particular sectoral expertise in financial services, life sciences, and telecoms. Liz Fitzsimons heads the team’s freedom of information subgroup, while Philip James specialises in fraud prevention, cybersecurity incidents, and multijurisdictional regulatory investigations. Dave Hughes handles privacy and cybersecurity work for clients in the consumer sector. ‘Persistent and pragmatic‘ senior associate John Inglese is also recommended.

Praxisleiter:

Paula Barrett


Weitere Kernanwälte:

Liz Fitzsimons; Philip James; Dave Hughes; John Inglese


Referenzen

‘The Data Protection team we use at Eversheds has strength and depth in the number of strong data protection specialists that it has. Our key contact is Dave Hughes who is one of the partners in the Data Protection team. Dave is commercially very pragmatic, helpful and always makes himself available for key matters.’

‘I work with Liz Fitzsimons’ team on FOI and data protection. They have a lot of knowledge and practical experience of dealing with the ICO which is invaluable. It enables them to give very pragmatic advice on how to approach issues.’

‘The individuals I have worked with are extremely responsive and will always make time in a very busy schedule for calls etc. They are hugely knowledgeable and experienced and give very practical advice taking on board a deep knowledge of their client.’

Kernmandanten

Meta (Facebook, Reality Labs, WhatsApp)


Dyson


LHR Airports Ltd (Heathrow Airport)


Akamai


Thames Water Utilities Ltd


Specsavers


DWR Cymru Welsh Water


IATA


NEST Corporation


MicroStrategy


Kering Group


WC Bradley


National Grid


Telford & Wrekin Council


Ecclesiastical Insurance Office plc


South London Coroner


Rizvi


Latham & Watkins

Latham & Watkins has an active privacy and cyber practice that runs the gamut of contentious and non-contentious data work, including compliance, regulatory, litigation, and transactional matters. The team leverages the firm’s international network and cross-departmental tech expertise to provide a full-service data protection and cybersecurity offering, acting for a range of companies, including start-ups and global technology corporations. Practice head Gail Crawford is recommended for her expertise in global data privacy compliance issues, while Ian Felstead takes point on data-related litigation and regulatory disputes, both in the UK and globally. Other key names include Fiona Maclean and James Lloyd, whose practices focus on regulatory investigations and enforcement. The team is supported by a strong group of associates and counsel, including counsel Danielle van der Merwe, senior associate Calum Docherty, and associate Hayley Pizzey.

Praxisleiter:

Gail Crawford


Weitere Kernanwälte:

Ian Felstead; Danielle van der Merwe; James Lloyd; Fiona Maclean; Calum Docherty; Hayley Pizzey


Referenzen

‘LW is a dedicated team, an outcome-focused one. Once the objectives are set, they deliver.’

‘I specifically enjoyed the appetite for achievement, detail-oriented and elegant exchanges we had. As a 20 years data protection SME and a lawyer, my expectations were high, and LW knew how to meet those.’

‘The team were extremely knowledgeable and pragmatic in our work with them.’

Kernmandanten

Meta Platforms, Inc.


SAP SE


Farfetch


Fandom


GB Group plc


Intuit, Inc.


Mimecast


Credit Suisse


DAZN


Anzo Group


Highlight-Mandate


  • Advising Meta, as lead counsel in relation to a number of highly complex and multijurisdictional regulatory investigations and inquiries regarding alleged data breaches and compliance with data protection laws, and related litigation, globally.
  • Advised entertainment hosting service, Fandom, on data privacy and intellectual property matters in connection with the sale of D&D Beyond to Hasbro.
  • Advised global investment bank, Credit Suisse, on the commercial agreements and data protection implications in connection with a number of strategic transactions, including the sale of its global trust business to independent offshore bank and trust company, Butterfield.

Norton Rose Fulbright

Jointly headed by Marcus Evans and Ffion Flockhart, Norton Rose Fulbright’s data protection, privacy, and cybersecurity team acts for large corporate and government clients in the financial services, life sciences, telecoms, and tech sectors. Evans leads the firm’s data privacy offering, handling multi-jurisdictional privacy issues across the spectrum of compliance, strategy, and regulatory response issues with a focus on emerging technologies. Cybersecurity is a notable strength of the firm, headed by Flockhart who has significant experience advising on the various aspects of risk management, global crisis response coordination, and incident response and impact mitigation.  Working alongside them is Lara White, who is recommended for her expertise advising retail and consumer clients in relation to privacy obligations. At the senior associate level, Shiv Daddar and Fiona Bundy-Clarke act on cross-border data protection and compliance projects.

Praxisleiter:

Marcus Evans; Ffion Flockhart


Weitere Kernanwälte:

Lara White; Shiv Daddar; Fiona Bundy-Clarke


Referenzen

‘The team is very knowledgeable and work together well. They have all relevant data privacy specialisms and always provide pragmatic, business and solution-orientated advice.’

‘I have worked with Lara White and her colleagues Fiona Bundy Clarke and Olivia Wint. I have had a very good working relationship with all of them. They are all efficient, experienced, and experts in their fields.’

‘Shiv Daddar is generally responsive and pragmatic when it comes to ensuring that our global and highly regulated business is able to satisfy European data privacy requirements.’

Pinsent Masons LLP

Noted for its ‘wealth of experience’, the team at Pinsent Masons LLP has full-service data privacy, protection, and cybersecurity offering with notable strength in cross-border matters, advising on the full range of contentious and non-contentious mandates. Jonathan Kirsop leads the information law team, acting for international banks, asset managers, and insurance sector clients on data sharing agreements, multi-jurisdictional privacy projects, and general data protection advice. The ‘extremely reliableKathryn Wynn works alongside him and is regularly instructed by clients in the financial services and fintech sectors on data protection, information security, and freedom of information mandates. David McIlwaine takes point on cyber, and also handles tech disputes alongside David Barker, who heads the data privacy disputes group. Also on the cyber front is Stuart Davey, singled out for his ‘exemplary‘ advice.

Praxisleiter:

Jonathan Kirsop; David McIlwaine; David Barker


Weitere Kernanwälte:

Stuart Davey; Kathryn Wynn


Referenzen

‘Global team with access via my dedicated contact, Kathryn Wynn, to a wealth of experience not only in data protection but more complex contentious issues and data privacy in the context of employment related matters.’

‘Kathryn Wynn is extremely reliable and makes herself available at short notice as required which is hugely appreciated. I very much value the interactions with Kathryn as I know I can use her as a sounding board to validate my view to support internal business discussions but also to procure legal advice and opinion, where needed on more complex matters.’

‘The Pinsent Masons team are experts in their field in relation to data protection/data misuse issues, as well as defamation and right to be forgotten claims. They have solid associates who can readily grapple with these issues, even in complex factual scenarios.’

Kernmandanten

Dixons Carphone Warehouse


DeepMind Technologies Limited


Google UK Limited


Google LLC


Barclays Bank plc


Tesco plc


Zurich Insurance plc


Cabinet Office


Highlight-Mandate


  • Advising Barclays in respect of the remediation of approx. 200 IT and other suppliers following the Schrems II judgment and the issuance of new standard contractual clauses for international transfers of data.
  • Acting for DeepMind and Google in relation to a class action concerning around 1.6 million patient records at the Royal Free hospital.

Ashurst

Ashurst’s data privacy and cybersecurity offering runs the gamut of matters, with particular areas of focus being cyber and breach response, the privacy aspects of emerging technologies, and compliance advise for clients in the financial services and infrastructure sectors. The ‘always impressive, highly knowledgeable and very responsiveRhiannon Webster leads the team and handles regulatory enforcement actions, compliance matters, and data security breach management. At the senior associate level, the team is supported by Shehana Cameron-Perera, whose expertise spans complex data sharing and transfer matters, regulatory complaints, and GDPR compliance projects.

Praxisleiter:

Rhiannon Webster


Weitere Kernanwälte:

Shehana Cameron-Perera; Tom Brookes


Referenzen

‘Partner-level leadership giving pragmatic advice on difficult issues, joined up with other disciplines where needed for holistic view. Associates part of the team where appropriate.’

‘Rhiannon Webster – tackles complex issues with patience and a collaborative approach, focused on finding pragmatic, risk balanced solutions that will work in practice.’

‘Ashurst Data Protection team has two elements that make them stand out, the people and the knowledge of the industry and our company operations. it is a pleasure working with Rhiannon and the rest of the team.’

Kernmandanten

BAI Communications


Department of Transport


East West Rail


HM Treasury and British Business Bank


Keolis Amey


Lendable


McLaren Automotive


Pirum Systems Ltd.


Sage Group plc.


Shawbrook Bank


Stone X


Jefferies


Highlight-Mandate


  • Advising a public limited listed company on its response to a cyber security incident.
  • Advising Sage Group on all of its outsourced data protection work, including on privacy impact assessments; data transfers and contract remediations; data subject access requests (DSARs); and on Sage’s strategic approach to data protection complaints and marketing practices.

Covington & Burling LLP

Regularly instructed by large multinational corporates in strongly regulated sectors, Covington & Burling LLP handles the full range of data privacy, regulatory compliance and investigations, cybersecurity work, and contentious data matters for clients in the tech, pharma, biotech, and medical device industries. Mark Young leads the team and is recommended for his expertise across data privacy compliance, regulatory investigations, and cybersecurity matters, including incident response and evolving cyber-related regulations. Lisa Peets acts for high-profile tech, media, and life science companies and has a broad regulatory practice that also covers legislative advocacy.

Praxisleiter:

Mark Young


Weitere Kernanwälte:

Lisa Peets


Kernmandanten

Microsoft


AstraZeneca


Meta Platforms


Bristol Myers Squibbs


Business Software Alliance


Eli Lilly & Company


American Express


Viacom


DAC Beachcroft LLP

Acting for clients in the insurance, financial services, health, and public sector, DAC Beachcroft LLP’s ‘comprehensive and unequalled‘ expertise spans the full range of data protection, privacy, and cyber matters. Jade Kowalski has particular experience advising clients in the insurance industry on the full range of data protection mandates, while Hans Allnutt specialises in cyber breach response and related litigation; the two jointly lead the team. The ‘outstandingDarryn Hale advises healthcare and public sector clients on data protection, confidentiality, and freedom of information, while ‘talented’ associate Astrid Hardy focuses on defending data breach compensation claims.

Praxisleiter:

Jade Kowalski; Hans Allnut


Weitere Kernanwälte:

Darryn Hale; Astrid Hardy


Referenzen

‘Exceptional breadth and depth of knowledge from the team. They hit the sweet spot between being extremely client friendly and easy to work with, knowing the area of law and regulatory context back to front, and great commercial acumen. They offer a comprehensive and unequalled service for those hit by data breaches.’

‘Hans Allnutt continues to stand out as the go-to partner for data breach and cyber matters. He pioneered the field and has managed some of the leading cases in the courts. Astrid Hardy is one to watch – a talented lawyer destined for great things.’

‘Very good knowledge, always try and solve the problem not tell the client they can’t do it’

Kernmandanten

Beamtree UK Limited


National Data Guardian


NHS England


NHS Digital


The Post Office


The Parliamentary & Health Service Ombudsman


Ivolve (formerly Envivo Group)


Hiscox


Ecclesiastical Insurance


AXA UK/AXA XL


Intelliflo


Mental Health First Aid England


Highlight-Mandate


  • Advising the AXA group of insurance companies on contract support and providing strategic legal advice on AXA’s international data transfers remediation programme arising out of the Schrems II decision following a competitive tender pitched against a top ranked firm.
  • Advising MHFA England on a number of complex and nuanced data protection matters over the last 12 months, including the role of MHFA England, employers and first aiders in connection with the MHFA England App.
  • Acting in matters on behalf of global companies Verlingue Limited, Ince Group and Pendragon in separate cyber attack incidents, and working at short notice to obtain a prohibitive injunction against the criminals behind the attack, to prevent further use or publication of stolen data.

DWF

DWF‘s multi-disciplinary data protection and cybersecurity team stands out for expertise in crisis management and incident response, regulatory investigations, and risk management and compliance matters. Stewart Room, singled out for his ‘unparalleled’ knowledge of the sector, leads the firm’s global data practice and his expertise spans both contentious and non-contentious matters, and has experience acting in major post-GDPR personal data breach cases. Working alongside him is James Drury-Smith, who leads the UK practice, and Manchester-based regional practice head JP Buckley. Also recommended are director Tughan Thuraisingam, who leads the team’s financial services sub-group, and senior associate Shervin Nahid, who leads the firm’s data protection M&A sub-group.

Praxisleiter:

Stewart Room; James Drury-Smith; JP Buckley


Weitere Kernanwälte:

Tughan Thuraisingam; Shervin Nahid


Referenzen

‘They give commercial straight-forward advice relevant to data protection. They understand how business operates including the constraints and give practical, useful advice. The team collaborates well to give you a 360-degree look at a problem providing sensible solutions. They are enthusiastic and engage well with clients.’

‘Shervin Nahid – is a frontrunner in the data protection world. He is engaging, enthusiastic and provides excellent advice. His delivery and style is second to none in my experience of data protection experts, encouraging a sense of comfort and inherited enthusiasm for data protection to his clients.’

‘Stewart Room as the lead partner on data protection matters is the reason for us to switching to DWF as our main firm for data protection and cyber security advice. Stewart’s knowledge and skill in this area of the law is unparalleled, but what makes him stand out is his ability to place the legal analysis in a commercial context and help an organisation to move forwards in practical and tangible terms.’

Kernmandanten

Meta (Facebook)


Visa Europe


Hard Rock Café International (USA)


Virgin Media O2


KP Snacks


T-Mobile USA


10x Bank Technology Services Ltd.


HSBC UK Bank


Adidas


Lucozade Ribena Suntory


Centrica


Equiti Capital UK


Yum Restaurant Services Group


Yum! III (UK) Limited (Pizza Hut)


Tysers Insurance Brokers


IVC Evidensia


Otsuka Pharmaceutical Development & Commercialization, Inc.


Santander


Checkout Limited


Highlight-Mandate


  • Advised a global technology business on the design of an operating model for its data protection function, the tasks of the data protection officer and the development of its annual work plan.
  • Supported a global payments company to integrate a number of large acquisitions into its global data privacy programme.
  • Supported a global telecommunications company with its response to a ransomware and data exfiltration attack, including support with the development of the strategy for incident response as well as engagement with the threat actor and regulatory authorities.

Herbert Smith Freehills LLP

Herbert Smith Freehills LLP draws on the firm’s wider capabilities across multiple disciplines, including employment, corporate governance, intellectual property, and dispute resolution, to offer a strong full-service data and cybersecurity practice with particular strength in cross-border work. Miriam Everett co-leads the team and has notable strength advising on data protection and privacy issues, and her expertise spans global compliance advice, policy design and implementation, and data retention issues. Co-head Andrew Moir takes point on cybersecurity matters, leading a team that is well-placed to handle cyber breach work, including ransomware attacks, cyber-related litigation, as well as cyber-readiness and resilience. Working alongside them is Christine Young, who handles employment-related data advice.

Praxisleiter:

Miriam Everett; Andrew Moir; Christine Young


Referenzen

‘The team has its finger on the pulse of the ever-changing and complex data privacy world – across many jurisdictions.’

‘The team is very responsive and provides practical advice – easy to implement.’

‘Miriam Everett – She makes herself available and follows up timely. She provides advice in an efficient and effective manner and seeks practical solutions – while highlighting the pros and cons with different approaches. Her work (and that of her team) is greatly valued.’

Kernmandanten

UK Finance


Hays plc


e-Mersion Media


KodyPay Limited


Willis Towers Watson


KPMG


bp


Invesco


GenesisCare


Hunton Andrews Kurth LLP

Hunton Andrews Kurth LLP acts for clients from a range of industries, including tech, life sciences, and retail, on compliance projects, data sharing risk assessments, and cybersecurity incident response, in addition to handling the data aspects of corporate transactions. Sarah Pearce leads the London team and has a broad practice covering global privacy risk management and compliance issues, while Aaron Simpson splits his time between New York and London and handles cross-border data transfer matters. Bojana Bellamy manages the firm’s information policy think tank and is another key name. ‘Diligent‘ associate Ashley Webber advises clients on UK and EU data protection law, including cross-border data transfers and privacy policies. Senior consultant Rosemary Jay, an extensively experienced data protection expert, is also recommended.

Praxisleiter:

Sarah Pearce; Aaron Simpson; Bojana Bellamy


Weitere Kernanwälte:

Rosemary Jay; Ashley Webber


Referenzen

‘The team are knowledgeable especially working with clients using outsourcers.’

‘Ashley Webber is diligent and approachable giving commercially focused advice.’

Kernmandanten

Cybereason Inc.


Silver Lake Technology Management


Tiffany & Co.


TJX Companies, Inc. / TK Maxx


TPG Global, LLC


Highlight-Mandate


  • Advising a well-known retail and consumer client on global data protection and privacy advice while providing extensive GDPR compliance efforts.
  • Providing substantial global privacy and data protection advice to a wealth management company.
  • Providing global privacy and cybersecurity advice to a leading global technology company.

Mishcon de Reya LLP

The ‘tactically astute‘ team at Mishcon de Reya LLP handles the full spectrum of personal and non-personal data issues with an emphasis on regulatory investigations and high-stakes litigation. ‘Master tacticianAdam Rose  heads the team and has extensive experience acting in high-profile data protection and freedom of information litigation, representing both corporates and individuals from the technology, gaming, real estate, and financial services sectors. Working alongside him is Ashley Winton, recommended for his expertise in international data transfers and binding corporate rules. The ‘commercially sensibleJon Baines supports the team on contentious and non-contentious GDPR compliance matters, while  Stuart McMaster takes point on compliance and regulatory mandates for clients in the betting and gaming sector.

Praxisleiter:

Adam Rose


Weitere Kernanwälte:

Jon Baines; Stuart McMaster; Ashley Winton


Referenzen

‘In-depth knowledge of the area of law (data protection), their experience and their strategic advice. Brilliant to work with – communication fantastic.’

‘Their expertise in the field, and their communication, is great. I always had the feeling that they were fighting very hard for me and that they were much better at what they do than the government department we were dealing with. I would pay particular tribute to Jon Baines.’

‘Good practical advice based on excellent understanding of the law and commercial requirements.

Kernmandanten

Criminal Bar Association


Campus Crusade for Christ (“CRU”)


Public Law Project


BetterCloud


Saudi Data & AI Authority


Highlight-Mandate


  • Acting for a claimant in a representative claim under CPR 19.6 against Google and DeepMind, on behalf of a class of approximately 1.6m people, in a case relating to defendants’ receipt of medical records.
  • Acting for claimaint in a high-profile claim against HMRC in relation to HMRC’s onward transmission to the US internal Revenue Service (“IRS”) of her data, pursuant to the UK FATCA regime.
  • Acting for the Criminal Bar Association in relation to concerns regarding the collection and dissemination of the names of barristers taking part in “Days of Action”.

Osborne Clarke LLP

Osborne Clarke LLP acts for major international and domestic clients in the tech sector, providing strategic data advice, cyber incident response expertise, and advice on developing and emerging technologies including AI, machine learning, and blockchain. The extensively experienced Mark Taylor leads the team and has a strong track record advising clients in the financial services and technology sectors on a broad range of data protection matters. The ‘highly knowledgeable’ Ben Dunham is recommended for data flows advice, privacy policy drafting, and compliance matters. On the contentious and cyber front, Ashley Hurst and Charlie Wedin are the key names, advising international clients on cyber incident response and data litigation cases. The team strengthened its commercial data protection offering with the May 2023 arrival of Jonathan McDonald, formerly the practice head at Charles Russell Speechlys LLP.

Praxisleiter:

Mark Taylor


Weitere Kernanwälte:

Ashley Hurst; Charlie Wedin; Ben Dunham; Jonathan McDonald


Referenzen

‘It is the people at this firm, and their collective knowledge, that stands out for me.’

‘Mark Taylor remains our ‘go to’ data protection lawyer. He is vastly knowledgeable, approachable and pragmatic. He has a fantastic ability to get the trust of our business colleagues. They know that Mark is always focused on finding scaleable solutions to even the trickiest data protection problems.’

‘Very responsive and pragmatic, advice is consistently high quality.’

Kernmandanten

Police Federation of England & Wales


Wise Payments Limited


Wates Group


S-RM Intelligence and Risk Consulting Limited


National Grid Electricity Distribution (formerly Western Power Distribution)


Highlight-Mandate


  • Continuing to support and advise the Police Federation of England & Wales in relation to a ransomware attack and the claims arising from it.
  • Acting for Wise Payments (formerly TransferWise) in data protection litigation brought by Ben Delo, the co-founder of the cryptocurrency exchange BitMEX.
  • Advising National Grid Electricity Distribution (formerly Western Power Distribution) on a range of data protection matters.

RPC

RPC counts major tech, social media, and newspaper companies among its impressive roster of clients, handling the full range of contentious and non-contentious matters for clients including Meta, Google, TikTok, and the BBC. Jon Bartley leads on data advisory matters, with a sector focus on retail and technology. Richard Breavington takes point on cyber matters, while Rupert Cowper-Coles and David Cran are the key names for data and tech disputes. Also in the core team is Oliver Bray, whose practice has a particular focus on data issues relating to digital media and online retail. The ‘oustanding’ Joe Lippitt was elevated to the partnership in May 2023 and is also recommended.

Praxisleiter:

Jon Bartley; Richard Breavington; Rupert Cowper-Coles; David Cran


Weitere Kernanwälte:

Oliver Bray; Joe Lippitt


Referenzen

‘I value my firm’s relationship with RPC very highly. Oliver Bray leads a great team that is keen to learn about our business and work with us as true partners. The team’s willingness to get underneath the bonnet and really understand the business is a huge asset.’

‘The stand-out names for me are Oliver Bray and Joe Lippitt.’

‘Oliver Bray is a trusted adviser and a great ally. Olly has a genuine interest in our business and has tackled many complex data protection issues for me. He makes a real effort to understand not just the legal issues, but also the business dynamics.’

Kernmandanten

Meta (including Facebook, Instagram, WhatsApp)


Google


Twitter


News UK


BBC


Frasers Group


Associated Newspapers


Times Newspapers Limited


Reach (formerly Mirror Group)


techUK


Hiscox


Chubb


Highlight-Mandate


  • Advised a household name insurer on a significant project to review 50 data-heavy and complex vendor agreements and revise, update and renegotiate as needed.
  • Advised a national newspaper group on two separate ICO investigations into the content of newspaper articles.
  • Provided full support to a major software provider on the issues arising from a ransomware attack that had the potential to impact national transport infrastructure

Simmons & Simmons

Simmons & Simmons’ data protection team draws on the firm’s digital business, dispute resolution, and employment capabilities, forming a multidisciplinary offering that has a strong presence in the financial services, healthcare and life sciences, and telecoms sectors. Under the leadership of new practice head Lawrence Brown, who takes point on multi-jurisdictional compliance and data protection mandates from the firm’s Bristol office, the team also handles data disputes and data breach response work. Head of the Digital Business practice Alexander Brown concentrates on advising clients in the telecoms sector on a broad range of data protection and privacy matters, particularly in the context of digital tech. On the contentious side, Robert Allen, also in Bristol, heads the firm’s data protection litigation practice.

Praxisleiter:

Lawrence Brown


Weitere Kernanwälte:

Alexander Brown; Robert Allen


Kernmandanten

Huawei


Pacific Investment Management Company, LLC (PIMCO)


Booking.com


Virgin Media Telefonica UK (VMO2) / giffgaff


BT


Alipay


Barings


Highlight-Mandate


  • Advised Huawei on various developing laws and regulations related to restrictions on the ability for Huawei to supply 5G equipment to mobile operators.
  • Advised the Bank of Novia Scotia on a wide-ranging data protection compliance review with a focus on transfer risk assessments for intra-group and vendor transfers.

Taylor Wessing LLP

Now jointly led by Victoria Hordern and Chris Jeffery, Taylor Wessing LLP’s data and cyber practice has notable expertise in the digital health, technology, and financial services sectors. The firm’s strong tech focus means the group is well-placed to advise on emerging and novel technology issues, including AI, blockchain, and the privacy implications of facial recognition technology and biometric data. Hodern advises on all aspects of EU and UK data protection and privacy compliance, while Jeffery advises US and global tech clients looking to expand into European markets.

Praxisleiter:

Victoria Hordern; Chris Jeffery


Referenzen

‘The Taylor Wessing team can always be relied upon to pair regulatory expertise and technology knowledge together. Paired with a strong pragmatism when delivering their advice makes them valuable partners for us.’

‘Victoria Hordern is a great head and responds to us incredibly quickly. We have appreciated the out of the box thinking in their tender submissions.’

Kernmandanten

Burger King


Owlstone


Highlight-Mandate


  • Provided support to Burger King in managing its digital privacy compliance operations and in a data mapping exercise.
  • Advising Owlstone on the data protection implications of its Breath Biopsy® VOC Atlas.

White & Case LLP

White & Case LLP’s team leverages the firm’s global network to provide a solid offering with an emphasis on cross-border matters, acting for large multinationals across the full range of advisory, regulatory, transactional, and contentious data, privacy, and cybersecurity mandates. Tim Hickman, singled out for his ‘unparalleled knowledge of the sector,’ leads the team and is recommended for his GDPR compliance expertise. Rory Hishon takes point on technology disputes, working alongside Jenna Rennie, while John Timmons is the key name for regulatory data protection litigation and cybersecurity incident response.

Praxisleiter:

Tim Hickman


Weitere Kernanwälte:

Rory Hishon; John Timmons; Jenna Rennie


Referenzen

‘Understands the law across multiple jurisdictions. Knows the answers straight away.’

‘Tim Hickman has unparalleled knowledge of his sector.’

‘White & Case provide comprehensive and pragmatic advice on complex legal matters.’

Kernmandanten

Meta


Nestlé


MSI


AutoCruitment, LLC


AGCO


Getac


Verallia


Magnum Opus Acquisition Limited


Zimmer Biomet Holdings


KLDiscovery Limited


Highlight-Mandate


  • Representing Meta in major international matters involving high-profile privacy and data protection issues, as well as helping the Company navigate data protection requirements across the globe.
  • Providing extensive support and advice to Nestlé concerning compliance requirements.
  • Supporting MSI on a wide range of data protection compliance projects to help ensure that MSI is able to lawfully collect, analyse, and transfer personal data among its international operations.

Womble Bond Dickinson (UK) LLP

Womble Bond Dickinson (UK) LLP’s data, privacy, and freedom of information team acts for clients across a broad spectrum of sectors, including petrochemicals, retail, and educational bodies. Under the leadership of data protection specialist Andrew Kimble, in Southampton, the team advises on regulatory investigations, cross-border data transfers, and the data aspects of corporate transactions.  The team has a strong contentious practice both in the data privacy and cybersecurity space, handling disputes concerning misuse of personal data as well as litigation following data breaches; Southampton’s Andrew Parsons is the key name here.  Also recommended are Caroline Churchill, whose practice covers non-contentious commercial, technology, and data protection matters, and Sarah Daun, who handles day-to-day GDPR compliance and data sharing agreements. Daun and Churchill are both based in Newcastle.

Praxisleiter:

Andrew Kimble


Weitere Kernanwälte:

Andrew Parsons; Caroline Churchill; Sarah Daun


Kernmandanten

Blackbaud Inc


Chemring


B&Q/Kingfisher plc


PDP Training


Highlight-Mandate


  • Advising Blackbaud Inc., on its response to a data breach involving the hacking of its customer databases, where the records of individuals globally were accessed

Addleshaw Goddard

Addleshaw Goddard‘s full-service data practice works with domestic and multinational blue-chip clients in the e-commerce, gaming, and retail sectors, handling the full spectrum of data protection matters, including regulatory investigations, compliance matters, and the data privacy aspects of project development and launches. Helena Brown, who splits her time between Edinburgh and London, leads the time, working alongside Aberdeen-based Ross McKenzie, who has a niche subspecialisation in data protection work for clients in the retail and consumer sectors, and Nathalie Moreno, in London, who has a focus on large-scale international compliance projects.

Praxisleiter:

Helena Brown


Weitere Kernanwälte:

Nathalie Moreno; Ross McKenzie; Claire Edwards; Charles Christie


Referenzen

‘The team provides practical advice with understanding of the nuances of our business and our customers.’

‘Ross McKenzie, a partner based in the Aberdeen office, is a standout advisor who is always enthusiastic and incredibly helpful. I will always lean on Ross whenever in need of data protection related advice.’

‘Nathalie Moreno – is able to take quite complex issues and break them down, solutionise them and give practical ways to resolve them, without hesitation she steps us and gives us support, always willing to go that extra bit to make sure everything is as it should be.’

Kernmandanten

Boohoo Group PLC


BP International Limited


JD Sports


Primark


Barclays Bank UK plc


HSBC UK Bank plc


Lloyds Banking Group plc


Nationwide Building Society


NatWest Group


Northern Bank Limited


Santander UK plc


TSB Bank plc


Virgin Money


Bank of Ireland (UK)


Generali Global Assistance, Inc.


GHA Loyalty DMCC


John Lewis plc and Waitrose


Wickes Building Supplies


Playstation


Saga Plc


Santander


Virgin Money


Highlight-Mandate


  • Advised Primark on their privacy strategy for the launch of their click and collect website.
  • Advised Virgin Money on a number of strategically significant privacy matters.
  • Advised Generali Global assistance on a global program to roll out identity theft monitoring solutions for Mastercard.

Bates Wells

With a niche specialisation in advising charities and not-for-profit organisations, Bates Wells has particular strength in advising public sector bodies and political organisations on complex privacy issues. The team is now led by Eleonor Duhs, formerly at  Fieldfisher. Duhs’ practice focuses on GDPR compliance matters and has significant government experience, where she worked on the UK’s negotiations on the GDPR. Also in the core team are Rupert Earle and associate Hannah Lyons; Earle handles media and regulatory issues, while Lyons specialises in charity sector-related data protection issues.

Praxisleiter:

Eleonor Duhs


Weitere Kernanwälte:

Rupert Earle; Hannah Lyons


Referenzen

‘Eleonor Duhs in particular with her background in government service has a strong insight into the policy background to both EU and UK GDPR and data protection reforms which enables her to describe the key changes and divergence between the two regimes with considerable critical accuracy.’

‘The team is attentive to our needs, understands our business and what makes us unique. Their advice is commercial and balances risk well.’

‘Hannah Lyons is great to work with and is always attentive to our needs, providing straightforward and practical advice.’

Kernmandanten

Effective Ventures Foundation


Vodafone Foundation


Smile Train


Liberal Democrats


Architects Registration Board


Webster, Chamberlain and Bean


LifeArc


GambleAware


TechSoup


SOAS


Internet Watch Foundation


Highlight-Mandate


  • Advised Vodafone Foundation on data privacy issues relating to new technologies being rolled out.
  • Briefing the DCMS group of Liberal Democrats peers on the Data Protection and Digital Information Bill, including areas where the UK could breach standards set out in international law or undermine the free flow of data from the EU to the UK.
  • Advised LifeArc on data protection compliance in the scope of its activities and assisted with data protection compliance.

BCL Solicitors LLP

Boutique firm BCL Solicitors LLP specialises in cybercrime, investigatory and enforcement powers, and general data protection work, acting for individuals and large tech corporations on their engagement with regulators, state authorities, and law enforcement agencies. Former legal director of GCHQ Michael Drury heads the team and is ‘thorough, hard-working, incredibly responsive and always able to anticipate the needs of his clients.’ Julian Hayes‘ expertise spans both contentious and non-contentious matters, handling compliance, policy drafting, incident response, and regulatory investigations, while Richard Reichman advises corporate clients on data breaches and freedom of information act requests.

Praxisleiter:

Michael Drury


Weitere Kernanwälte:

Julian Hayes; Richard Reichman


Referenzen

‘BCL is uniquely placed in data protection matters because of their combined expertise in criminal law and matters relating to national security.’

‘Julian Hayes stands out in this area. He knows all that needs to be known and combines his great charisma with fierce intellect.’

‘The team’s unique location at the overlap between crime, investigatory powers and data privacy puts them at the forefront of cyber work that intersects these fields.’

Bryan Cave Leighton Paisner

Clients in the financial sector regularly instruct Bryan Cave Leighton Paisner on data subject access requests, cross-border compliance projects, and the data privacy aspects of divestments and acquisitions. The ‘efficient and exceptionalKate Brimsted leads the team and has a broad practice with an emphasis on UK and EU GDPR matters, while Geraldine Scali is recommended for her ‘masterful’ knowledge of regulatory matters and authorities.

Praxisleiter:

Kate Brimsted


Weitere Kernanwälte:

Geraldine Scali


Referenzen

‘The team provides a pragmatic approach to dealing with Data Privacy and Cyber security matters and collaborates effectively with industry experts to deliver an effective service to their customers. Key strengths relate to Data Privacy GDPR consulting and advisory services and interpretation of the regulation and best to navigate it both within the UK and abroad.’

‘Kate Brimsted is knowledgeable about her subject matter expertise and approachable when consulting with clients. She provides a fair, prompt and measured response to client requests and brings in appropriate external partners when appropriate to address broader client needs in the intersection of data privacy and cybersecurity.’

‘Excellent team that is particularly dialed in on regulators’ mindset, which is so key in this field. Overall, a fantastic team that provides top-notch service and advice.’

Kernmandanten

eToro


Heathrow Airport


London Stock Exchange Group


MarketCast


Tesco


URW (owners of Westfield)


Royal College of Midwives


Estee Lauder


Worcester Warriors Rugby Club administrators (Begbies Traynor)


Lumen Technologies


Dragonfly Eye Limited


AI Software LLC (Capacity)


Ness USA Inc


The Foschini Group Limited


Highlight-Mandate


  • Advised AI Software, LLC (recently renamed Capacity), in connection with the acquisition by Capacity of Textel CX Inc. (Textel), a technology company that enables businesses to provide automated customer service support via text message.
  • Advised Dragonfly Eye Ltd (Dragonfly), a leading geopolitical and security intelligence provider, on its sale to FiscalNote Holdings, Inc., a major AI-driven enterprise SaaS technology provider of global policy and market intelligence.
  • Advising Lumen Technologies on the $1.8 billion proposed divestiture of its Europe, Middle East and Africa (EMEA) business including its terrestrial and subsea networks, data centres and network equipment in the region, to London-headquartered Colt Technology Services (Colt).

Mayer Brown International LLP

Mayer Brown International LLP‘s cybersecurity and data privacy team leverages the firm’s international capabilities to offer a strong cross-border practice. Led by Mark Prinsley, who handles data protection issues and GDPR compliance matters for clients in the financial services, pensions, and tech sectors, the team also includes the ‘exceptionally responsiveOliver Yaros, who advises on tech and outsourcing transactions as well as cybersecurity incident response.

Praxisleiter:

Mark Prinsley


Weitere Kernanwälte:

Oliver Yaros


Referenzen

‘The privacy and cybersecurity team at Mayer Brown provides excellent legal advice as well as practical business solutions to complex issues.’

‘Oliver Yaros is exceptionally responsive to our needs and requests. He is very knowledgeable and also shares innovative and practical business solutions.’

Kernmandanten

Previse Limited


Andersen Tax LLC


Ingevity Corporation


Plantage Rio Inc


Cummins


Overmore Group


Bank of New York Mellon (BNYM)


TC Energy Corporation


Corney & Barrow Group Limited


Caravel Group


EMK Capital


Highlight-Mandate


  • Represented private equity firm EMK Capital in acquisition of a majority stake in leading online marketplace Bark.com, and provided subsequent data privacy advice.
  • Advising US-based accountancy and audit professional services firm Andersen Tax on GDPR compliance.

Morrison Foerster

With strength in contentious matters and cross-border investigations, Morrison Foerster acts for software providers and international tech companies, handling a broad range of regulatory, cybersecurity, and compliance matters. The ‘excellent, very pragmatic, efficient, and completely client-orientedAnnabel Gillham leads the team, which also includes Gemma Anderson, a commercial litigator with a focus on technology and data privacy disputes. At the associate level, the team is supported by Mercedes Samavi, who has experience advising on B2B and B2C data privacy matters, and Dan Alam , who advises on intersection of employment and data protection law.

Praxisleiter:

Annabel Gillham


Weitere Kernanwälte:

Mercedes Samavi; Dan Alam; Gemma Anderson


Referenzen

‘The team has a global and thorough view of data protection, privacy and cybersecurity issues with excellent partners in different offices. The level is high and homogeneous among the different partners we have been working with.’

‘We have mainly worked with Annabel Gillham, she is excellent, very pragmatic, efficient, and completely client-oriented.’

Kernmandanten

Fujitsu


Highlight-Mandate


  • Representing Fujitsu Services Limited in relation to an extremely high-profile and significant matter, which concerns the Horizon IT System provided by FSL to the UK Post Office from 1999 to date.

Orrick, Herrington & Sutcliffe (UK) LLP

Orrick, Herrington & Sutcliffe (UK) LLP acts for a diverse range of clients in the tech, gaming, and entertainment industries, handling high-profile data breaches, regulatory investigations, and cyber and data protection-related litigation matters. Kelly Hagedorn now leads the team after former practice head Keily Blair left for an in-house position in April 2022. Hagerdorn has extensive enforcement background and handles compliance risk and data protection regulatory matters for multinational clients. On the cybersecurity front, ‘super knowledgeableCameron Carr is recommended for his expertise across cyber incident response and risk management.

Praxisleiter:

Kelly Hagedorn


Weitere Kernanwälte:

Cameron Carr


Referenzen

‘Availability, empathy, kindness and professionalism.’

‘Exceptionally talented lawyers!’

‘Cameron Carr really understands the commercial side of a breach. He’s super knowledgeable and really comes across like a business partner to his clients.’

Kernmandanten

Baidu, Inc


Deltek, Inc.


Dream Games


Fenix International Limited (d/b/a OnlyFans)


Juniper Networks


Legends International, LLC


Louis Dreyfus Company


NerdWallet, Inc


Nina Lakhani


Technologies of Voice Interface Limited


W. W. Grainger, Inc


Workday, Inc.


Xiaomi


Zynga, Inc


Highlight-Mandate


  • Advised Deltek with its privacy and cyber security programme including dealing with specific queries surrounding direct marketing, compliance with PECR, international data transfers, intra-group data sharing arrangements, implementation of standard contractual clauses and cyber security preparedness.
  • Advising Fenix International Limited (OnlyFans) on an ongoing basis in connection with all UK regulatory and compliance matters, including those related to online safety, anti money laundering, financial regulatory matters, and organisational strategy for compliance with UK, EU and US consumer and privacy laws.
  • Advised Legends International, LLC on its data use and data protection strategy, as well as on data collection and sharing in connection with key strategic transactions.

Ropes & Gray LLP

Ropes & Gray is regularly instructed by clients in the private equity and financial services sectors, as well as from the healthcare and life sciences industries, to advise on all aspects of compliance and enforcement-related data privacy and protection matters. The team is led by ‘superb‘ data protection and cybersecurity expert Rohan Massey, who specialises in international data transfer issues and global compliance matters. Working in close conjunction with its US offices, the team has particular strength in transatlantic data privacy mandates. At the senior associate level, the ‘knowledgeable, responsive, practicalEdward Machin is also recommended.

Praxisleiter:

Rohan Massey


Weitere Kernanwälte:

Edward Machin


Referenzen

‘Strong understanding of the law and an ability to deliver advices in an easily digestible form.’

‘Rohan Massey – Rohan is knowledgeable, and provides useful and practical advice, in an easy going manner.’

‘Rohan has great strength in depth within his team including at the most junior associate level. Rohan offers a flexile and sensible, commercial approach to challenging issues.’

Kernmandanten

The Carlyle Group, L.P.


Baring Private Equity Asia


Bain Capital


Providence Equity Partners


HUTCHMED


Advent/Nielsen


Highlight-Mandate


  • Advising Carlyle Investment Management LLC on a complex technology restructuring to integrate certain businesses onto global platforms.
  • Providing ongoing privacy, data protection and information security advice to HUTCHMED, on a wide range of challenging legal and regulatory issues in three of the world’s most highly regulated jurisdictions for the development and commercialisation of medicinal products (the European Union, the United Kingdom and the People’s Republic of China).
  • Represented NielsenIQ, a portfolio company of Advent International, in connection with its entry into a definitive agreement to combine with GfK SE.

Shoosmiths LLP

Praised for its ‘excellent knowledge’ and ‘unparalleled experience’, the dedicated privacy and data team at Shoosmiths LLP acts for clients across a diverse range of sectors, including financial services, defence technology, and life sciences. The ‘incredibly knowledgeable’ Sherif Malak oversees the practice and works alongside Anastasia Fowle, who regularly acts for clients within the automotive and sports sectors. Also in the core team is Nick Holland, recommended for his global privacy compliance expertise. At the associate level, senior associate Adam Fox and principal associate Matthew MacLachlan assist on regulatory enquiries and cyber disputes, respectively.

Praxisleiter:

Sherif Malak


Weitere Kernanwälte:

Matthew MacLachlan; Anastasia Fowle; Adam Fox; Nick Holland


Referenzen

‘Depth of resource within the team, exceptional knowledge of a very technical and evolving area of the law, excellent interaction with other interested parties (e.g. insurers).’

‘Matthew MacLachlan has been outstanding in managing a significant data incident for our business. Depth of technical knowledge in the team is outstanding and advice is always provided through a sensible commercial lens.’

‘Strong knowledge and understanding of the industry, and able to apply insight and expertise that is relevant and appropriate within context.’

Kernmandanten

Chronomics


ABN AMRO


Hilton Grand Vacations (HGV)


Belden Inc


Hewlett Packard Enterprise Company (HPE)


The Law Society


Groupe Renault


Noerr/Audi AG


giffgaff (VMO2)


WeWork


FremantleMedia Group


EG Group


Nissan Japan


Global Switch


Volkswagen Group UK


Sosei Heptares


Acaster Lloyd


ProPharma


PharmaCosmos


Coloplast


Electrolux


Blue Skeye


ForestGarden


ChristmasDirect


ComponentSoruce


Restore Plc


London BTR Investments


Sigma Capital


Start Living


2020 Trustees Limited


Trustees of Essar Oil Limited


RTX


Mercedes Benz


RIXO London


Henkel


The White Company


H&M


United Talent Agency


Estee Lauder Companies


Nectar Sleep


Travelodge


British American Tobacco


Deliveroo


Order Pay


Gopuff


Scania (Great Britain)


French Connection UK


Grass Valley


Briggs and Riley


Dynatrace


Virtusa


Highlight-Mandate


  • Advising Hewlett Packard Enterprise Co as lead global privacy counsel.
  • Enabled implementation of novel data-driven technologies for WeWork’s global business aimed at protecting the safety and security of its members, staff and buildings
  • Appointed Data Protection Officer of the EG Group across its entire portfolio.

Sidley Austin LLP

Highly rated for its expertise across the healthcare, pharma, and life sciences sectors, the privacy and cybersecurity team at Sidley Austin LLP acts for large pharmaceutical firms as well as global tech companies. William Long, singled out for his industry experience, leads the team and advises clients on GDPR compliance, e-commerce, and information security issues. Recently promoted partner Francesca Blythe is ‘extremely commercially minded and pragmatic‘ and has a particular focus on data privacy and protection issues in the life sciences sector.

Praxisleiter:

William Long


Weitere Kernanwälte:

Francesca Blythe


Referenzen

‘An exceptional data protection team that provides prompt, practical data privacy legal advice. Instead of being overly conservative, they adopt a risk-based approach that makes their advice stand out from others.’

‘Francesca Blythe is extremely commercially minded and pragmatic. Her advice is already ‘ready to use’ and I don’t need to spend more time digesting what she says.’

‘Subject Matter experts with a strong focus and understanding of life sciences. Able to see the big picture and the interplay between different rules and regulations.’

Kernmandanten

Bristol Myers Squibb


Accelerant


Jazz Pharmaceuticals


W.L.Gore


DaVita Inc.


Magnetar Capital


H.I.G


Nurix Pharmaceuticals


Monument Group


Mallinckrodt


Stephenson Harwood

Under the leadership of the ‘standoutKatie Hewson, the data protection team at Stephenson Harwood advises tech sector clients on emerging data protection legislation and also handles international data transfers, breach work, and investigations. Simon Bollans advises on cybersecurity as well as the data privacy and regulatory aspects of emerging technologies. Michael Bywell and Peter Dalton joined in early 2023 from Hausfeld & Co LLP and Herbert Smith Freehills LLP, respectively, strengthening the team’s technology disputes and cyber capabilities. ‘Vastly talented‘ associate Olivia Fraser is recommended for her experience advising on the data aspects of corporate transactions.

Praxisleiter:

Katie Hewson


Weitere Kernanwälte:

Olivia Fraser; Simon Bollans; Michael Bywell; Peter Dalton


Referenzen

‘Katie Hewson. She is a very knowledgeable, pragmatic lawyer. In terms of the limited instructions given to her so far I have found her work very business orientated and solution focused.’

‘Stephenson Harwood is our go-to law firm for data protection matters. They set themselves apart from the competition through deep technical knowledge combined with a strategic approach which empowers the business.’

‘Katie Hewson is a force! She is a strategic legal advisor with deep knowledge of data protection law, and consistently provides practical, actionable advice for her clients.’

Kernmandanten

Kroll


Exscientia


Bvlgari


S&P Global


Neuberger Berman Europe Limited


Association of British Investigators


Highlight-Mandate


  • Advised an industry body on the development of a UK GDPR code of conduct.
  • Advised on an industry-wide digital transformation project in the benefits sector, involving complex data sharing arrangements.
  • Advised a global insurance, risk and consulting business on the high-risk data protection aspects of a £7.0 million acquisition.

TLT

Public sector clients and clients operating across the retail, telecom, financial services, and education sectors regularly instruct TLT on mandates concerning developing data protection legislation, transfer risk assessment agreements, and data breaches. The growing team, led by Gareth Oldale, a ‘powerhouse in his field,’ also includes legal director Louisa Williams, whose practice concentrates on advising public sector clients on complex data protection issues, including international data sharing arrangements and data rights requests. In Bristol, Ed Hayes handles sensitive data protection matters. At the associate level, the ‘excellent’ Bristol-based Emma Erskine-Fox is also recommended.

Praxisleiter:

Gareth Oldale


Weitere Kernanwälte:

Emma Erskine-Fox; Louisa Williams; Ed Hayes


Referenzen

‘What I think makes the practice unique is the talent of the team. Gareth Oldale in particular is endlessly impressive. The team is very accessible, from the most junior to most senior, and they all speak in terms clients understand.’

‘Gareth Oldale is a powerhouse in his field – having him on your side feels unfair. He has an amazing breadth of knowledge, in particular within the wider public sector.’

‘The team is exceptionally practical and pragmatic. They understand systems, software, and how businesses operate to give risk-aware advice that is useful in the real world. They are friendly, amenable, and professional.’

Kernmandanten

Department for Digital, Culture, Media and Sport


Information Commissioner’s Office


Police Digital Service


Metropolitan Police Service


Government Legal Department


TSB Bank Plc


NatWest Group Plc


Monzo Bank


Financial Reporting Council


City Football Group (Man City FC)


UK Sport


Sport England


University College London


University of Warwick


Sainsbury’s


BGL Group Limited (CompareTheMarket)


Imperial Brands plc


Preston North End Football Club


Kent Police & Essex Police


Savills


Financial Conduct Authority


ColCap UK


Highlight-Mandate


  • Advising a US Headquartered payments systems business on complex cross-border transfers of personal data, taking part in various negotiations with merchants and suppliers to provide data protection advice, as well as reviewing and drafting data processing agreements with the client’s suppliers.
  • Engaged by a leading price comparison website to assist with privacy impact assessments (“PIA”) and legitimate interest assessments covering a variety of topics and processing activities.
  • Engaged by one of the UK’s largest universities to support on data protection and freedom of information queries, including advising on interactions with the Information Commissioner’s Office, assisting with data protection contracts and data breaches, undertaking freedom of information internal reviews, and advising on large scale data subject rights and freedom of information requests.

Travers Smith LLP

Travers Smith LLP advises clients in the financial services, tech, mobility, and health sectors on the full range of data protection and cybersecurity matters. The team is overseen by Dan Reavill, whose practice covers both contentious and non-contentious data and cyber matters for major IT vendors and buyers. Also in the core team is the ‘technically soundJames Longster, who takes point on data breaches and data exploitation matters, and the ‘comprehensive and pragmaticLouisa Chambers, recommended for her expertise in the tech and fintech sectors.

Praxisleiter:

Dan Reavill


Weitere Kernanwälte:

Louisa Chambers; James Longster


Referenzen

‘Thorough knowledge of the application of GDPR appropriate for the real estate industry, including the incorporation of cross boarder entities.’

‘We very much value Louisa Chambers’ advice, which is comprehensive and practical and she always offers solutions rather than general legal advice with various caveats!’

‘A strong team with technical excellence but more than that they are able to take a real word/practical approach when giving advice (rather than sitting on the fence).’

Kernmandanten

Samsung Electronics


Emis


Pemberton


Kroll


Eastdil


Sportlight Technology


Fundsmith


Datapharm Limited


Euroclear


Legl


Phoenix Group


Rathbone


Melia Hotels


Bain Capital


Paymentsense


Highlight-Mandate


  • Advised Samsung Electronics (UK) Limited on data protection matters to facilitate the launch of new smart products and services, as well as on the potential impact of new UK and EU digital legislation.
  • Advised Datapharm Limited, the UK’s leading provider of medicine information, on transforming its approach to user data, including advising on improvements to its cookie practices, privacy policies, handling of special category health data and terms and conditions with customers to help optimise the use of data it collects.
  • Advised Emis with regards to data protection matters relating to its role as a data processor of patient record data which it hosts on behalf of GP surgeries.

Wiggin LLP

The ‘creative and knowledgeable’ data privacy team at Wiggin LLP has demonstrable strength advising clients in the media, entertainment, and gaming industries on all aspects of data protection, with particular emphasis on regulatory issues and investigations. The ‘brilliantPatrick Rennie leads the practice and is a key name for GDPR compliance matters, Age Appropriate Design Code issues, and regulatory obligations. Senior associate Christina Henry specialises in advising tech and media sector clients on compliance matters and is highly rated for her ‘forensic approach to complex matters‘.

Praxisleiter:

Patrick Rennie


Weitere Kernanwälte:

Christina Henry


Referenzen

‘A very digitally-focused practice with unrivalled specialist expertise in gaming, interactive entertainment, film, and TV.’

‘The team is creative and knowledgeable – the go-to team for tough or unusual problems.’

‘The team is led by Patrick Rennie who is brilliant at explaining complex issues in simple (and entertaining) terms. His level of client service is outstanding and overall he is fantastic to work with.’

Kernmandanten

Thunderful Group AB


Stannah Management Services Limited


Notonthehighstreet Enterprises Limited


The Stars Group t/a Pokerstars (TSG Interactive Services Limited)


Centaur Media PLC


Transaction Services Group Limited


Expereo International BV


Starz Entertainment, LLC


Oxford Strategic Marketing Limited


WHG (International) Limited t/a William Hill


SP Film Production Limited (t/a Sony)


DAZN Media Services Limited


Warner Bros. Discovery


Perform Content Services Limited


RMG


Highlight-Mandate


  • Acting as the Data Protection Officer for the retail brand, Not On The High Street, advising the business on all aspects of data protection.
  • Long-stranding advisor to Centaur Media, publisher of various b2b publications including The Lawyer, providing advice on collection of personal data (directly and from external sources) as well as acting as its Data Protection Officer.

Clyde & Co

Clyde & Co acts for clients from the tech, insurance, energy, and construction sectors and is adept at handling compliance, risk management, and cyber incident response, as well as data issues related to emerging technologies. Mark Williamson takes point on data protection matters, while Ian Birdsey and Helen Bourne lead on the cybersecurity front; the trio jointly lead the practice.

Praxisleiter:

Mark Williamson; Ian Birdsey; Helen Bourne


Weitere Kernanwälte:

Madeleine Shanks


Referenzen

‘Clyde & Co has a great global reach. They’re super responsive and have a great depth of experience.’

‘Always super responsive. The Clyde team gives proportionate and direct advice. I’m not sure you can get anyone more experienced in breaches than Helen Bourne and Ian Birdsey. There’s a few great associates too, Maddy Shanks being a standout.’

‘Very skilled combined with excellent pragmatism.’

Kernmandanten

UCL


B&Q


Highlight-Mandate


  • Acting as the main trusted data protection adviser to UCL.
  • Advising B&Q on a range of data-related issues relating to its commercial and strategic arrangements.

Cooley (UK) LLP

Cooley (UK) LLP has a full-service cyber, data, and privacy offering with strength in cross-border projects, GDPR compliance, and multijurisdictional data breaches. Guadalupe Sampedro helms the practice and advises clients in the fintech and financial services sectors, while the ‘very knowledgeableAnn Bevitt handles data transfers, breach notifications, and internal investigations.

Praxisleiter:

Guadalupe Sampedro


Weitere Kernanwälte:

Ann Bevitt


Referenzen

‘Global data privacy team. Very accessible, sociable and communicative. Responding quickly with profound but pragmatic advice and solutions.’

‘Ann Bevitt is very knowledgeable and sound, but also quick and pragmatic in providing direct legal advice as well as obtaining advice from multiple teams on global or multinational issues through her network.’

‘In-depth experience of the tech and payments industry, very pragmatic, great insights into regulatory activities.’

Kernmandanten

eBay, Inc.


Yum! Brands, Inc.


Grinder LLC


Colt Technology Services


Highlight-Mandate


  • Advising eBay on a wide range of data protection matters relevant to their payments business globally (EU, UK, US, Australia).
  • Assisted Yum!Brands, a global restaurant brand, with global data privacy compliance.
  • Representing the social networking app Grindr before the ICO in an investigation regarding its compliance with the GDPR and a Freedom of Information request.

Farrer & Co

Acting for clients in the education, sport, and media sectors, Farrer & Co handles compliance, data retention queries, and data transfers. Henry Sainty leads the team, which also includes Ian De Freitas, head of data disputes, and Owen O’Rorke, whose practice spans both contentious and non-contentious matters. Associate David Morgan is recommended for marketing and adtech compliance advice. Jeremy Isaacson, a freedom of information specialist, and data litigator Tom Rudkin were promoted to partner in 2022.

Praxisleiter:

Henry Sainty


Weitere Kernanwälte:

Owen O’Rorke; Ian De Freitas; David Morgan; Jeremy Isaacson; Tom Rudkin


Referenzen

‘Highly knowledgeable, skilled, collaborative, hard-working and pragmatic approach to advice and legal services. Particularly impressed with the dedicated forums and webinar series to support in-house lawyers which, in my experience is unique and offers great support for myself and my team.’

‘A brilliant team of lawyers who take the time to give specific, commercially oriented advice. Owen O’Rorke stands out in particular for his responsiveness, exceptional knowledge, and real-world application of the law.’

‘Effective, experienced, personable, diverse team, especially the inspirational Ian De Freitas.’

Kernmandanten

London Business School (LBS)


English Federation of Disability Sport (Activity Alliance)


British Swimming


Logicalis Group


Eton College


Vistra Group


The Economist


Lawn Tennis Association (LTA)


MCC Marylebone Cricket Club


ISBA


Department for Education


Church of England


Highlight-Mandate


  • Acting for Eton College advising on data protection compliance issues including data retention, complaints and queries from parents and pupils involving personal data, and requests from individuals to exercise their privacy rights, erasure and subject access requests.
  • Advising the Economist on its direct marketing and newsletter advertising and its compliance with the UK GDPR and PEC Regulations.
  • Representing Logicalis Group International, a global IT solutions provider, overseeing a comprehensive redraft of the agreement covering its complex international data transfer arrangements, including dealing with differences between ex-UK and ex-EEA transfers, new confidentiality provisions and questions of group liability and regulation.

Goodwin

Jointly led by Lore Leitner and Gretchen Scott, the data, privacy, and cybersecurity practice at Goodwin has a full-service offering with particular strength advising clients in the emerging tech, software, and healthcare and life sciences sectors. The team also includes ‘highly knowledgeable’ counsel Curtis McCluskey and senior associate Josephine Jay, recommended for her data compliance and GDPR expertise.

Praxisleiter:

Lore Leitner; Gretchen Scott


Weitere Kernanwälte:

Curtis McCluskey; Josephine Jay; Annabel Loose


Referenzen

‘The Goodwin privacy team is knowledgeable, pragmatic, responsive, and really personable and helpful. I have built a great relationship with them and enjoy our interactions and knowledge-sharing.’

‘I have forged great relationships with Gretchen Scott and Curtis McCluskey. As well as respecting and valuing their professional opinions and knowledge, I also really enjoy their company when we have an opportunity to connect socially at events.’

‘Gretchen Scott has a helicopter view of the GDPR and legislation around different countries, a great understanding of the situation and the business needs, and clear judgement. Curtis McCluskey is very knowledgeable, has a helicopter view of the GDPR and legislation around different countries, quick responses and writing of legal documents, always up to the point with a great understanding of the situation.

Kernmandanten

Luka, Inc. (dba Replika)


Chaos Software EOOD; Chaos Group


Wayfair


Semrush, Inc


Transmit Security


CMR Surgical Limited


Medidata Solutions, Inc.


HungryPanda Limited


AM Pharma B.V.


Apart Of Me


HubSpot, Inc.


Thomson Reuters Corporation


HIBio, Inc


Citymapper


ZYNC, Inc


Audio Analytic Limited


Meta Platforms, Inc.


SilkRoad Technology, Inc.


Highlight-Mandate


  • Assisted Luka, Inc. (dba Replika) in addressing the concerns raised by the Italian Data Protection Authority (“Garante”) and in implementing the necessary changes to comply with the order.
  • Advised Wayfair’s on centralising its approach to privacy, and strategically positioning itself to ensure compliance supports its business objectives around data and advertising its products.
  • Advised Transmit Security on building and developing its GDPR compliance (including advising on its data protection classification – either a processor or controller in relation to each aspect of its products) following its expansion into the EU and UK markets.

Lewis Silkin

Advising across the spectrum of data compliance, risk management, and regulatory matters, Lewis Silkin regularly acts for clients in the retail, media, and publishing sectors. ‘Remarkable, accurate and available‘ practice co-head Alexander Milner-Smith advises leading multinationals on global privacy strategies, employment-related data protection and privacy matters, while co-head Bryony Long has a broad data practice with a particular focus on the adtech industry. The ‘laser-focusedAli Vaziri is a key name for regulatory issues and contentious matters, while managing associate Benjamin Favaro is recommended for his compliance and employment expertise. Managing associate Tom Ford is a key name for multijurisdictional projects.

Praxisleiter:

Alexander Milner-Smith; Bryony Long


Weitere Kernanwälte:

Ali Vaziri; Benjamin Favaro; Tom Ford


Referenzen

‘The Lewis Silkin team is always very business-oriented, very pragmatic and offers solutions that work from an operational point of view. The team always works very efficiently, respecting the deadlines that are requested.’

‘Alexander Milner-Smith is the one I work with the most in the team. He works enormously, always responds efficiently, pragmatically and quickly to the questions/files that we submit to him. He is remarkable, accurate and available. He never loses sight of the client’s best interests.’

‘Bryony Long has a commercial & consumer background coupled with her sharp mind when coming to GDPR issues. She knows how to advise clients remarkably when it comes to complex questions related to marketing issues, use and reuse of client data, for example.’

Kernmandanten

Omnicom Group


Paramount


Daily Mail & General Trust (Associated Newspapers)


Britvic


Yahoo


Harvey Nichols


Lyst


Highlight-Mandate


  • Advising a tech company on specific aspects of the Networks & Information Systems (NIS) Directives and recommendations for its cybersecurity strategy and compliance programmes across the EU, the UK and globally.
  • Advised a luxury retailer on the development and global deployment of an AI tool that would analyse customer data to generate insights related to their experiences.
  • Advised a technology business on complex data sharing agreements with advertisers, publishers and other advertising technology companies.

Mills & Reeve LLP

Jointly headed by Jagvinder Singh Kang and Gary Attle, the data protection, information, and cyber law practice at Mills & Reeve LLP is well-placed to advise tech, healthcare, and charity sector clients on GDPR compliance, emerging technologies, and international personal data transfers. Attle is the key contact for freedom of information and contentious matters, while Singh Kang handles technology transactions and global compliance projects, benefiting from his software engineering background. ‘Calm and highly intelligent operatorPaul Knight is also recommended.

Praxisleiter:

Jagvinder Singh Kang; Gary Attle


Weitere Kernanwälte:

Paul Knight


Referenzen

‘What’s impressed us is the depth of knowledge and professionalism of every single Mills & Reeve team member.  No matter what we’ve asked for they’ve delivered by when we need it.’

‘Law firms stand or fall on the quality of their personnel. Working with Paul Knight, as the lead Mills & Reeve partner, means that every Mills & Reeve interaction has the hallmark of quality. Paul is a calm and highly intelligent operator. He’s someone at great pains to really understand where his client is coming from and where they are looking to get to.’

Kernmandanten

Macmillan Cancer Support


Chartered Institute of Personnel and Development (CIPD)


MyTraffic


MySense


Miles Partnership


Beauty Bay


Trax


Indicia Worldwide


Otsuka Pharmaceutical Europe


Goodform


Highlight-Mandate


  • Advised a USA based global hospitality service provider in respect of a cyber breach affecting its global bookings platform.
  • Advised a multi-billion-pound global pharmaceutical company listed on the New York Stock Exchange, on its intra-company global data protection arrangements.
  • Advised Cleveland Clinic on data protection issues relating to its new London hospital.

Morgan, Lewis & Bockius UK LLP

Working closely with its US offices, the data privacy and cybersecurity team at Morgan, Lewis & Bockius UK LLP advises UK, European, and global companies in relation to transactional data privacy matters, data breaches, regulatory investigations, and data sharing arrangements. Key names to note include Matthew Howse, who advises corporations on EU privacy and cybersecurity compliance. Vishnu Shankar joined the firm from the Information Commissioner’s Office in October 2023, while former practice head Pulina Whitaker left in August 2023.

Weitere Kernanwälte:

Matthew Howse; Vishnu Shankar


Kernmandanten

Mitek Systems


Sabre Corporation


Richemont


Shiseido


Premise Data


Highlight-Mandate


  • Advised Mitek Systems on complex privacy issues relating to the use of data, including biometric and hashed data, for commercial purposes and on customer agreements and data transfer requirements.
  • Advised Sabre Corporation on all international and US aspects of their businesses including commercial processing agreements, data transfer agreements, compliance with regulatory notices, and mandates from governments for customer data to be provided for contact tracing purposes as well as security incident management.
  • Advised Richemont on numerous matters where privacy and employment intersect, including cross-border projects involving employee and customer personal data.

Pillsbury Winthrop Shaw Pittman LLP

Pillsbury Winthrop Shaw Pittman LLP advises clients across the finance, electronics, and tech sectors on the full range of data privacy, protection, and cybersecurity matters, with notable strength in the drafting of binding corporate rules, data transfer agreements, and EU and UK GDPR compliance. Rafi Azim-Khan oversees the team and splits his time between London and Silicon Valley, while Steven Farmer, noted for his ‘in-depth understanding of complex privacy issues,’ advises start-ups and leading tech multinationals on global compliance issues.

Praxisleiter:

Rafi Azim-Khan


Weitere Kernanwälte:

Steven Farmer


Referenzen

‘Rafi Azim-Khan is my key contact, and he always takes care of what we need. Even in suddenly urgent situations, he works night and day, across time zones, to deliver.’

‘The team has a deep understanding of the various privacy and data protection rules both in the UK and EU. They are well connected with individual regulators from whom they can obtain informal guidance, which is quite useful.’

‘Steven Farmer is the person I principally work with. His judgement is sound and his advice is practical. I value his knowledge and his responsiveness. First rate in all regards.’

Kernmandanten

G.Network Communications


CSC


LEAP


Morgan Stanley


Bass Pro


PNC Bank


State Street Bank


Institute of International Finance


Victaulic


HM Electronics


Ntrepid


PwC LLP

PwC LLP benefits from the firm’s large international network and has particular strength in cross-border matters, advising on international data transfers, data protection impact assessments, and global data projects for a diverse roster of clients from the public, automotive, manufacturing, and logistics sectors. The team is jointly led by ‘true professionals’ Chris Cartmell, a cybersecurity specialist, and Fedelma Good, who is noted for her ePrivacy and direct marketing expertise. Associate Stephanie Baker is also recommended for her experience advising on multijurisdictional privacy mandates.

Praxisleiter:

Chris Cartmell; Fedelma Good


Weitere Kernanwälte:

Stephanie Baker


Referenzen

‘The Privacy team at PwC, led by Fedelma Good, are an exceptional team of individuals with great credentials and a can-do attitude. The team comes from industry and regulator backgrounds and works hard to really understand the challenges a client faces in a globalised market, while having to adhere to localised regulatory requirements.’

‘Fedelma Good has a wealth of experience, and her understanding of compliance requirements is broad and deep. Fedelma makes people feel at ease, and speaks their language, to quickly get to the heart of the issues, and then goes on to instil confidence in the ability of all involved to get the job done in a practical and pragmatic way.’

‘The team really work as a team. All are always up to date about the status of the project. As the team consists of lawyers as well as technical people, the solutions brought to the table are more than just the legal answer to your question. They are genuine solutions that can be implemented. I love the diverse background of the team.’

Kernmandanten

Department for Digital, Culture, Media & Sport (now the Department for Science, Innovation & Technology)


Link Group Service Company Limited


Mott MacDonald Limited


Sainsbury’s Supermarkets Ltd


Axon


Aspiring Solicitors


Highlight-Mandate


  • Advised Mott MacDonald Limited on numerous data protection matters, including advising on data protection obligations in China, Thailand, Australia and South Africa; 27 data protection impact assessments for its key global systems; and a major project to implement a new intra-group data processing and international transfer agreement to apply across the global business.
  • Advised Australia-based global investment management firm, Link Group, to put in place a market leading solution to assess their international data transfers.
  • Assisted NASDAQ-listed Axon on data protection and privacy issues in connection with its development and deployment of automatic licence plate recognition systems in the UK, Brazil, New Zealand, Australia, France, Germany, Italy, Spain, Netherlands and Belgium.

Stevens & Bolton LLP

Stevens & Bolton LLP’s cross-practice data protection team combines the firm’s commercial, technology, employment, and litigation capabilities, advising clients across the life sciences, insurance, tech, and retail sectors. The ‘razor sharp’ Beverley Flynn leads the team and has significant experience advising on international data transfers, data protection policies, and subject access requests. Key names in the team include Charles Maurice, who handles commercial data protection issues, and Gary Parnell, recommended for his outsourcing, digital tech, and e-commerce expertise.

Praxisleiter:

Beverley Flynn


Weitere Kernanwälte:

Charles Maurice; Gary Parnell


Referenzen

‘Very clever, approachable team, responsive and full of easy-to-deal-with people. We really rate them.’

‘Standout operators, top lawyers and personable and unstuffy to deal with. Beverley is razor sharp, quick and friendly, with deep subject matter knowledge.’

‘Beverley Flynn – exceptional knowledge and application. Goes beyond the role requirements to support and mentor.’

Kernmandanten

DeafKidz International


Kia UK Ltd


Penhaligon’s Ltd


Lit Fibre Group Ltd


Hope into Action


DER Touristik UK Ltd (Kuoni)


Foodient Ltd (t/a Whisk)


BrightStarr Ltd (t/a Unily)


RBB Economics LLP


G&J Distillers (t/a Quintessential)


Highlight-Mandate


  • Advising Lit Fibre, the ultrafast fibre home broadband provider, on data protection issues associated with its business as a fibre optic telecoms provider including arrangements with businesses and consumers.
  • Advising Kia UK Ltd on all data protection advice including on telematics for vehicles as well as on the appointment of processes in its marketing arrangements and adtech as well as transfers outside the UK.
  • Advising DTUK, the owner of Kuoni as well as other upmarket travel brands in the UK and overseas, on all arrangements from a data protection perspective including agreements with agencies and providers at travel destinations globally.

Harbottle & Lewis LLP

With significant industry focus on the marketing, adtech, and digital media sectors, Harbottle & Lewis LLP is regularly instructed on mandates relating to the data aspects of advertising campaigns, data breaches, and compliance issues. The team is jointly led by Anita Bapat, who takes point on data protection and privacy matters, and Emma Wright, who leads on the cybersecurity front. Also in the core team is Sacha Wilson, who is recommended for adtech vendor arrangements and digital marketing projects.

Praxisleiter:

Anita Bapat; Emma Wright


Weitere Kernanwälte:

Sacha Wilson


Referenzen

‘A talented, diverse, down to earth, solution focused and knowledgeable team.’

‘Anita Bapat is a pleasure to work with.’

‘Expertise and current knowledge are hugely beneficial. Consistently thoughtful about the risks to our business and how to balance good practice with the realities of our business model. Always has an option and solution no matter what we throw at them. Calm, thoughtful and totally positive to deal with.’

Kernmandanten

The Ozone Project


Havas Media Group


Equal Experts


Knight Frank


Shein


De Beers Group


Princess Yachts Limited


SEGA


MyBuilder (part of the HomeAdvisor group)


Highlight-Mandate


  • Advising the Ozone Project, a cutting-edge digital advertising platform owned by major news publishers, including the Guardian, News UK and the Telegraph, on a number of data privacy matters including advising on policies and vendor contracts from a data privacy perspective.
  • Advising SEGA on data protection for the first time on strategically important data protection and technology and projects.
  • Assisted De Beers with the launch of their Tracr platform (which is the world’s only distributed diamond blockchain that starts at the source and provides tamper-proof source assurance at scale) as they launch to various participants on the supply chain; assisted with data protection advice in relation to making the Tracr Platform available to consumers.

Kingsley Napley LLP

Jointly led by Emily Carter and Adam Chapman, the team at Kingsley Napley LLP has a notable specialisation in advising on the data protection and cybersecurity aspects of criminal matters, investigations, and enforcement proceedings. Helen Morris acts for claimants in cases concerning unlawful disclosure of personal data, while Andrew Solomon advises corporate and commercial clients on compliance and international data transfer agreements. Associate Ellie Fayle has particular expertise in tackling right-to-be-forgotten cases.

Praxisleiter:

Emily Carter; Adam Chapman


Weitere Kernanwälte:

Andrew Solomon; Helen Morris; Ellie Fayle


Referenzen

‘The data protection team provides very practical advice and focuses on implementation rather than over-analysis. We are a small business but operate in multiple jurisdictions which complicates data protection obligations. The team catered to our specific requirements very well.’

‘Emily Carter was very knowledgeable, professional and attuned to client requirements. Andrew Solomon was an excellent responsive associate who provided precise, practical and useful policies and agreements on time and in budget.’

‘They have a very experienced specialist data privacy team.’

Pritchetts Law

Bristol-based data privacy and protection boutique Pritchetts Law acts for clients from a diverse range of sectors, including local government, healthcare, travel, and education. Co-head Stephanie Pritchett is noted for her ‘dedication, pre-eminent knowledge and expertise in all data matters,’ working alongside co-head Ben Wootton, who splits his time between London and Bristol and has a broad practice that spans data processing and sharing agreements, compliance, and direct marketing matters.

Praxisleiter:

Stephanie Pritchett; Ben Wootton


Referenzen

‘They are truly boutique. Though small in numbers, they deservedly command a presence in the company of other ‘general practice’ firms. Many of their peers are nationally or globally known names who would aspire to be retained by the longstanding clients Pritchetts deliver for.’

‘Stephanie Pritchett stands out for her dedication, pre-eminent knowledge and expertise in all data matters. She is perfectly complemented by Ben Wootton who adds his commercial experience and savoir-faire. Together their advice surpasses that of others I know for its precision, simplification of complex issues and value. It makes them trusted advisers beyond compare.’

‘Pritchett’s are incredibly knowledgeable about their area of practice, easy to get along with, and fun to work with.’

Kernmandanten

Yeo Valley Farms (Production) Limited


The Ceuta Group


Northumbrian Water Limited


The DataRobot Group


National Foundation for Educational Research


Voice and Script International Limited


Link Maker Systems Limited


Symmetry Limited


Mathys & Squire LLP


Sable International Group Limited


PDP Companies Limited


Breast Cancer Now


CFH Docmail Limited


Unison


RAC


AXA Health


Highlight-Mandate


  • Advised Yeo Valley on its data protection audit, drafting detailed privacy notices, responding to data subject access requests and implementing new processes to manage future individual rights requests.
  • Advised VSI, a global provider of translation and post-production services in the broadcasting industry, on compliant use of individual actors’ personal data and voice recordings; international data sharing with its numerous group companies; TV and movie production contracts; and arrangements with international business partners such as Amazon and Netflix.
  • Advised NFER, a leading UK-based educational research organisation, on the expansion of its existing school assessment system. NFER’s aim was to perform longitudinal data analysis outside schools to establish, among other things, the impact of Covid-19 on students’ education.

Sheridans

With strength in emerging technologies, media, e-sports, and the video games sectors, Sheridans benefits from the team’s industry and technical expertise to provide a specialised offering across these industries. The team is overseen by the ‘thoughtful and pragmatic’ Eitan Jankelewitz, and also includes Antonia Gold, who splits her time between the firm’s London and Berlin offices, and Stefano Debolini, who advises well-known tech companies, consumer brands, and investors on the data aspects of novel and emerging technologies, as well as data breaches and regulatory matters.

Praxisleiter:

Eitan Jankelewitz


Weitere Kernanwälte:

Antonia Gold; Stefano Debolini


Referenzen

‘Very responsive and pragmatic team who tailor solutions to the business making implementation easy. Excellent with both contentious and non-contentious issues and have the ability to navigate complex/unique situations with ease.’

‘Antonia Gold – Excellent partner who displays exemplary professionalism in all aspects of advice. Having such a well-rounded lawyer on board has helped us develop creative solutions to stand out in a competitive environment.’

‘Great team, always a pleasure to work with.’

Kernmandanten

AWIN AG


Cognism Limited


ESL FACEIT Group


Live Nation Entertainment (aka Ticketmaster)


Fédération Internationale des Associations de Footballeurs Professionnels (FIFPro)


Internet Advising Bureau UK (IAB)


Virgin Media


AETN UK


Sumo Digital Limited


The Body Coach


HackerOne


Stainless Games


Build a Rocket Boy


Stink Studios


Highlight-Mandate


  • Advised FIFPro on use of player data for support and representation of footballers and in commercial initiatives to help support lower and developing leagues.
  • Advised ESL FACEIT Group on regulatory strategy for data analytics, addressing esports cheating, and cross border data flows.
  • Advised AETN UK on launch of a new Crime+Investigation Play SVOD channel.