Data protection is a critical issue for all businesses. Under the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018 (“DPA”), the Information Commissioner’s Office has the power to fine businesses 4% of their annual global turnover or €20 million (whichever is greater) for serious breaches of the GDPR and the DPA.
The GDPR and the DPA impose complex regulatory obligations on businesses and grant wide rights to individuals in respect of their personal data. It is important you fully understand your responsibilities under the GDPR and the DPA so you can be sure your business is compliant.
The separate rules under the Privacy and Electronic Marketing (EC Directive) Regulations 2003 (“PECR”) add a further layer of complexity when it comes to electronic direct marketing.
In addition to the fines, data protection breaches often lead to adverse publicity and damage the business’ name and reputation which in turn can affect valuation when it comes to investment or sale.
Our data protection specialists provide pragmatic advice on all aspects of data protection compliance. They combine technical expertise with commercial common sense to make sure the solutions work for your business.
Our expertise includes:
- International data transfers
- Data protection audits
- Data sharing agreements
- Data processing agreements
- The purchase and sale of databases
- Privacy notices
- Policies and procedures
- Direct marketing