• The UK GDPR sets out the principles that organisations have to comply with when dealing with information that relates to people.  The rules apply whether you have sensitive information about thousands of patients, you only hold information about employees or board members, or you have limited contact details of suppliers.  Whilst many of the principles could be seen as “common sense”, much of the implementation is left to the judgment of the organisation.  At Bevan Brittan, we understand the risks involved in dealing with personal data, and take the time to understand your appetite for risk, before advising both strategically and pragmatically on compliance.  

    As a full service information law team, we offer advice and support on:

    • Requests from individuals, including Subject Access Requests, Requests for Rectification, Erasure Requests, and Right to Restrict Processing requests – including notification of objection to processing
    • Assistance with general compliance, including audits, policies and procedures
    • Complaints to the regulator and appeals to the information law tribunal
    • Assisting with complex complaints by individuals regarding breaches of data protection law
    • Working with litigation colleagues on data breach litigation claims
    • Advising on data sharing arrangements – internal and external
    • Bespoke training for teams
    • International transfer advice
    • Advice on handling a personal data breach
    • Advising on data issues that arise from the employment relationship – from recruitment, through performance, appraisals, grievances and termination
    • Using biometric data (e.g. fingerprints) to monitor staff
    • Contractual and commercial data protection issues
    • Compliance audits
    • Cybersecurity obligations under data protection law – prevention as well as breach response
    • Providing advice around partnership working in the context of information sharing, including disclosure to organisations such as the police, local authorities or the court
    • Advising on compliance with the Privacy and Electronic Communications Regulations, and the risks of non-compliance in this area
    • The use of cookies and similar technologies to track users of computer equipment – including assisting with drafting cookie policies and cookie banners

  • Examples of how we can help include:

    • Providing assessments of current data protection practices including preparing frameworks for internal audits, data mapping, reporting on audit result and preparing a compliance action plan.
    • Running workshops with your GDPR project teams to evaluate action taken and steps required to meet GDPR compliance.
    • Reviewing and updating existing internal data protection policies and procedures to ensure GDPR compliance such as data breach policies and employee handbooks.
    • Drafting bespoke GDPR documents such as precedent privacy impact assessments, privacy notices, data protection record keeping and data breach reporting forms.
    • Reviewing contracts with third parties which involve the transfer of personal data to ensure GDPR compliance.
    • Providing bespoke internal training sessions for directors and employees to highlight the specific data protection issues of which they need to be aware.

  • Global corporation

    We provide a range of GPDR compliance services to a leading global conglomerate. Our role includes facilitating the internal audit of data processing activities, providing workshops to identify gaps in compliance and prepare a compliance action plan to meet the GDPR requirements.

    We have also provided a comprehensive document review of internal practices and policies to ensure they comply with the new standards and requirements set by the GDPR.

Vicki Bowles (1)
Rachael Perry
Laura Cook
Vicki Bowles (1)
Rachael Perry
Laura Cook
Meet the full team

Services we offer

View all services

Legal Insights

News1---c_920x385px

Pensions partner becomes Bevan Brittan’s first senior recruit of the year

04/02/2025

View all News
Placeholder Image

Quantum Update for Clinical Negligence Practitioners

29/04/2025

Bevan Brittan Education Lunchtime Training Webinars 2025

View all Events
Articles---c_920x385px

Chronic Pain Syndrome following DVT – Coincidence or Causation?

04/02/2025

View all Articles

Our use of cookies

We use necessary cookies to make our site work. We'd also like to set optional analytics cookies to help us improve it. We won't set optional cookies unless you enable them. Using this tool will set a cookie on your device to remember your preferences. For more detailed information about the cookies we use, see our Cookies page.

Necessary cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics cookies

We'd like to set Google Analytics cookies to help us to improve our website by collection and reporting information on how you use it. The cookies collect information in a way that does not directly identify anyone.
For more information on how these cookies work, please see our Cookies page.