At law:matix, we have substantial experience of data protection compliance, avoiding and managing data breaches and dealings with regulators. We also have unparalleled experience of making data make money for our clients - from global brands to small start-ups. Whether your business is big or small, new or established, local or international – we would like to open your eyes to the data exploitation opportunities that you have not yet considered
Our data services include:
privacy notices. Preparing and advising on privacy notices and their incorporation
subject access advice and support, the application of exemptions and how to deal with subject access rights in disputes
data subject rights and how to comply
data security and breach management
data processors. Advising on implications of using third party service providers and preparing data processing agreements
data transfers outside the UK. Advising on the adequacy requirement for data transfers, including the new Standard Contractual Clauses
data migration, data cleansing and enrichment arrangements
commercial exploitation of data, devising and implementing strategies to facilitate multichannel cross-selling, up-selling and targeted marketing and to maximise cross group and international opportunities.
policies and templates. Drafting staff policies and templates for ensuring consistent and compliant application of the law
Information Commissioner investigations. Advising on assessments, investigations and enforcement actions by the Office of the Information Commissioner
What do the changes look liket?
There is a raft of new provisions including new reporting obligations, changes to the rules on transferring data outside of the UK / EEA, obligations to notify data breaches, tightening of consent requirements and, in some cases, a legal duty to appoint a data protection officer. We will also see increased rights for data subjects, direct obligations on data processors and penalties for breach of up to 4% of annual worldwide turnover and potential criminal liability for senior personnel.
law:matix can help you comply with the new Regulation and the new Act. Our support includes:
compliance audits to identify the areas that comply with the new requirements and those that need change
privacy notices. Advising on and drafting notices that comply with the new requirements for privacy notices and the increased consent responsibilities
data processors. Advising on the increased obligations when using third party service providers, the new responsibilities imposed directly on them and preparing data processing agreements
data transfers outside the UK / EEA. Advising on the changed adequacy requirements for data transfers
data subject rights. Advising on the expanded rights afforded to data subjects including data portability, the ‘right to be forgotten’ and enhanced subject access rights
privacy by design. Providing guidance for the development of new systems and changes to existing systems
data security and breach management and compliance with the new reporting obligations
policies and templates. Revising your staff policies and templates to ensure consistent and compliant application of the new law
Regulator investigations. Advising on assessments, investigations and enforcement actions by the Office of the Information Commissioner and other regulatirs
data protection officer service. Fulfilling your need for a data protection officer without the overhead of an in-house privacy resource
Brexit. Guiding you on the impact of Brexit on the legal framework
See also our training page for details of our data protection workshops, tuition, elearning and public speaking services.