+44 (0)1270 820 509
+44 (0)1270 820 509



data protection &



What does every organisation in the world have in common? They all hold data. For some organisations, if they could not use their data, they would have no business. For many others, they are walking away from millions of pounds worth of opportunity merely because they are not alive to the possibilities of making data work for them.

At law:matix, we have substantial experience of data protection compliance, avoiding and managing data breaches and dealings with regulators.  We also have unparalleled experience of making data make money for our clients - from global brands to small start-ups. Whether your business is big or small, new or established, local or international – we would like to open your eyes to the data exploitation opportunities that you have not yet considered

Our data services include:

  • UK GDPR and Data Protection Act 2018 compliance and advice on data protection legislation. learn more
  • compliance audits

  • privacy notices. Preparing and advising on privacy notices and their incorporation

  • subject access advice and support, the application of exemptions and how to deal with subject access rights in disputes

  • data subject rights and how to comply

  • data security and breach management

  • data processors. Advising on implications of using third party service providers and preparing data processing agreements

  • data transfers outside the UK. Advising on the adequacy requirement for data transfers, including the new UK approved Standard Contractual Clauses

  • data migration, data cleansing and enrichment arrangements

  • commercial exploitation of data, devising and implementing strategies to facilitate multichannel cross-selling, up-selling and targeted marketing and to maximise cross group and international opportunities.

  • policies and templates. Drafting staff policies and templates for ensuring consistent and compliant application of the law

  • Information Commissioner investigations. Advising on assessments, investigations and enforcement actions by the Office of the Information Commissioner

The UK GDPR, the Data Protection Act 2018 and the new Standard Contractual Clauses are now in full force and effect.  You should have prepared your documentation, your processes and your business for the significant changes these laws have introduced.

What has changed since the Data Protection Act 1998?

The UK GDPR and Data Protection Act 2018 introduce a raft of new provisions including new reporting obligations, changes to the rules on transferring data outside of the UK / EEA, obligations to notify data breaches, tightening of consent requirements and, in some cases, a legal duty to appoint a data protection officer. We also have increased rights for data subjects, direct obligations on data processors and penalties for breach of up to 4% of annual worldwide turnover and potential criminal liability for senior personnel.

law:matix can help you comply with the UK GDPR and the 2018 Act. Our support includes:

  • compliance audits to identify the areas that comply with the new requirements and those that need change

  • privacy notices.  Advising on and drafting notices that comply with the new requirements for privacy notices and the increased consent responsibilities

  • data processors. Advising on the increased obligations when using third party service providers, the new responsibilities imposed directly on them and preparing data processing agreements

  • data transfers outside the UK / EEA. Advising on the changed adequacy requirements for data transfers

  • data subject rights. Advising on the expanded rights afforded to data subjects including data portability, the ‘right to be forgotten’ and enhanced subject access rights

  • privacy by design.  Providing guidance for the development of new systems and changes to existing systems

  • data security and breach management and compliance with the new reporting obligations

  • policies and templates. Revising your staff policies and templates to ensure consistent and compliant application of the new law

  • Regulator investigations.  Advising on assessments, investigations and enforcement actions by the Office of the Information Commissioner and other regulatirs

  • data protection officer service.  Fulfilling your need for a data protection officer without the overhead of an in-house privacy resource

  • Brexit.  Guiding you on the impact of Brexit on the legal framework

See also our training page for details of our data protection workshops, tuition, elearning and public speaking services.



quick links

  • data protection & exploitation
  • freedom of information
  • IT contracts
  • ecommerce legals
  • training & event speaking

legal notices

  • terms of use
  • cookies & privacy policy
  • equality & diversity
  • professional & insurance


phone: +44 (0) 1270 820 509
email: legals@lawmatix.com

Copyright ©2007-2024 Lawmatix Limited. All rights reserved.
Registered in England and Wales, company number 07475628. Authorised and regulated by the Solicitors Regulation Authority under number 555307