• I am an Associate in the Litigation, Advisory and Regulatory Department. As an accredited Practitioner in Data Protection I have a wide range of information law and privacy experience advising clients on compliance with the General Data Protection Regulation, the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations. 

    Having worked in-house for a number of years at a large listed consumer facing organisation, I have particular experience of advising heavily data focused businesses in the property and financial services sectors.

    I have provided clients with support on data subject rights requests, governance arrangements including drafting and reviewing policies, training, privacy notices, responding to requests for disclosure of personal data from the police and other third parties, advising on data processing/sharing arrangements and associated contracts, marketing and consent reviews, data breaches and complaints and liaising with the Information Commissioner’s Office in relation to matters being investigated.

  • My experience includes advising on:

    • the GDPR compliance project for a UK leading provider of financial and property services including providing training to all key stakeholders;
    • data mapping and record keeping requirements;
    • data sharing arrangements, including drafting and negotiating appropriate contractual clauses and advising on the processing of data internationally;
    • marketing processes, including compliance with consent requirements, associated preference centres, opt-out wording and call centre scripts;
    • data protection policies including providing input on data retention policies and breach notification policies and procedures;
    • data protection customer complaints including claims for compensation and drafting associated communications with the ICO;
    • data breaches including reports to be made to the ICO and data subjects and dealing with any connected ICO investigation;
    • data subject rights requests. including in particular data subject access requests; and
    • privacy and information law aspects of acquisitions and investments including conducting relevant data protection due diligence.

Rachael's areas of expertise

Our use of cookies

We use necessary cookies to make our site work. We'd also like to set optional analytics cookies to help us improve it. We won't set optional cookies unless you enable them. Using this tool will set a cookie on your device to remember your preferences. For more detailed information about the cookies we use, see our Cookies page.

Necessary cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics cookies

We'd like to set Google Analytics cookies to help us to improve our website by collection and reporting information on how you use it. The cookies collect information in a way that does not directly identify anyone.
For more information on how these cookies work, please see our Cookies page.