In today’s economy, information is perhaps the single most important asset for organisations as they innovate and grow. All organisations create, collect, retain and use a multitude of different types of data.

Businesses today handle large amounts of personal data, not only when active in B2C e-commerce but also as an employer regardless of the industry they operate in. These businesses require a vigilant and structured approach to the governance and protection of collected and retained data. Not to forget the introduction of new and more stringent data privacy laws which in turn have established without a doubt that compliance with data privacy should be a top priority for all businesses.

We take a pragmatic and commercial approach to data protection, compliance and privacy by advising in-house legal teams, chief data officers, CIOs and other management executives as well as the boards of companies. This regularly involves taking account of data protection and privacy rules on a global basis, including the EU General Data Protection Regulation alongside national implementing laws.

We frequently advise clients on data privacy and confidentiality. This includes strategic advice as to the approach to be taken, design and implementation of compliance programmes (such as addressing matters like use of social media on the work floor, defamation and removal of alleged prejudicial content, to name a few) and advice on ad hoc issues arising in the application of those programmes.

Our team can assist with advice on:

  • Data Transfer Agreements. negotiating cloud and Model form (and other) complex international data transfer agreements, and framework agreements for easy adherence and application to multiple transfers.
  • Preparing Privacy impact assessments research papers
  • Preparing Privacy policies and Data collection notices/statements alike
  • Advising on/solving intellectual property rights arising in data and databases
  • Designing and documenting adequate data protection and security measures that protect both your own and your consumers’ privacy and security, including drafting data protection policies and advising on e-privacy and cookie related issues aswell as database systems analysis
  • developing global policies for clients
  • Outsourcing management. Identification of key existing contracts which involve material outsourced processing of personal data and renegotiation of terms to ensure compliance.
  • Advise, amongst other, on  

⇨GDPR or otherwise Compliance programs and policies: Compliance with national and international privacy laws and regulations including GDPR compliance programmes whereby comprehensively reviewing the data privacy systems and processes in place across a global business network of your business. 

⇨The drafting of social media policies as well as privacy and IT policies,
⇨Privacy requirements in relation to internal compliance, sensitive data and data retention,
⇨investigations by data protection authorities,
⇨International data transfer,
⇨Binding corporate rules and codes of conduct,
⇨Protection of confidential information

  • implementing effective international data transfer strategies,
  • carrying out audit and risk assessments,
  • Review of justification strategies and other supporting policies in place – When it comes to data protection, a business’ strategy for justification of its processing of personal data is key to compliance, particularly with regard to consent.
  • Accountability measures:  Analysis of organisational measures in place to discover potential gaps and to deal with accountability, for example the appointment of a Data Protection Officer if needed, the necessity of a data privacy impact assessment and the amendment of company policies.         




  Monday – Saturday 

    +92 332 257994-3

Close Menu