Data Protection & Privacy

Visit elexica for articles, newsletters, training and podcasts that provide legal insight on Data Protection & Privacy.

 


 

Our Practice

Data protection and privacy issues impact on all business and industry sectors across the globe. Compliance with the law and protecting individuals’ privacy is not just a legal issue. Failure to respect people’s privacy or ensure security of their data can severely damage a company’s brand and influence consumer buying decisions.  It is also an area for increased sectoral regulatory focus, particularly in the financial services sector.

We are able to cover the full range of data protection and privacy issues including:

Data Security
  • advising both on proactive measures to be adopted by business to address data security and dealing with the response to data security breaches.
Employees
  • the full range of data protection issues arising for employers including monitoring at work and processing of sensitive personal data.
Freedom of information
  • advising both public and private sector bodies on disclosure requirements and risks under freedom of information/open government legislation.
Interception of communications
  • advising businesses on compliant monitoring and recording of communications to, from and within their business.
Subject access
  • advising clients on developing strategies for responding to subject access requests as well as assisting in dealing with the requests themselves, sometimes also in the context of litigation.
Transactions
  • dealing with data protection issues associated with corporate transactions (eg in relation to due diligence disclosure or transfer of data as an asset) and outsourcing transactions.
Marketing
  • advising on the rules relating to telephone, email and SMS marketing as well as data profiling activities.

Experience

Multi-jurisdictional privacy projects

  • advising a large conglomerate on its data protection compliance project, including the review of data protection laws concerning information, consent, overseas transfers (including the application of binding corporate rules) and notification/registration in 14 countries
  • advising a major professional services client in its efforts to address compliance with data protection legislation in Europe, the Middle East, Africa and worldwide
  • assisting a major retail bank with its international data transfer projects and creating a data protection compliance manual covering over 40 jurisdictions
  • advising on the data protection issues relating to the implementation in France of stock option plans granted by the American parent company
  • advising two Hollywood film majors on data protection and contractual matters relating to the creation of multi-service portals and registration with the DNPD in Portugal.

Privacy and technology

  • advising a web analytics company on the laws relating to interception of communications in connection with the proposed analysis of ISP traffic
  • advising a major mobile network operator on the use of mobile handset data to provide location – based services in the UK
  • advising on online market research company for the music and entertainment industry on various intellectual property and data protection issues relating to its activities
  • advising and preparing the declaration to be filed in respect of a video surveillance system implemented for security reasons and examining the regulatory aspects of video surveillance systems
  • advising on the implementation of a video surveillance system in showrooms for training purposes.
  • advising a clothing designer/retailer on the privacy issues associated with the use of RFID tags.

General privacy issues

  • advising a number of Italian and international companies on data protection requirements and procedures in Italy and France, such as notification, drafting forms and complaints before the competent regulatory authority
  • advising a large multi-national company on a series of comprehensive subject access requests from litigants in person.

Data protection and employees

  • advising and preparing the relevant documentation for the implementation of background check systems for French candidates in the banking sector; examining the data transfer agreement to be put in place in relation to a UK data processor using facilities in a country located outside the EEA
  • advising on all employment law aspects in connection with data protection law such as works council negotiations and Codes of Ethics including (whistle-blowing-policies)
  • acting for an international credit institution established in Belgium to advise on the processing of personal data about employees, including specific advice on the processing of data referred to in an ID card.

Data Security

  • advising a Government department on a high profile loss of data by a contractor
  • advising a financial institution on a data security breach impacting on several thousand employees across the world
  • advising a major multinational company on the loss of data relating to several thousand customers.