Data protection

Managing data can be complex and challenging. Getting it wrong can cause huge harm to your organisation. Not to mention your brand’s reputation and people's privacy.

Here when you need.

We’re here to keep you compliant with the data protection legislation.

Data is key to modern life. With information being generated and held by businesses in digital and physical form, how it’s managed and protected is important.

Non-compliance with data protection law can create huge issues for businesses and organisations. These range from regulatory action to civil claims and reputational harm.

Our data protection expertise spans Employment, Corporate and Commercial, and Dispute Resolution teams. We’re here to help data controllers and processors protect personal data. But we can also help manage the consequences when things go wrong.

Responding to subject access requests. Dealing with complaints from individuals about how their data has been handled. Navigating correspondence with the ICO. We’ve got your back.

  • Compliance, contracts and policies

    Mitigate the risks to your company with compliant policies (such as cookies & privacy policies and HR policies). We can write and advise on implementation within your business. We can draft contracts for the processing and sharing of data with third parties.

  • Data protection reviews

    We can review your business’ policies and procedures. We will ensure their compliance with data protection requirements and advise on necessary remedial action. This should put you in good shape for any ICO investigations in the event a breach occurs. In the health and social care sector we also support providers to complete the Data Security and Protection Toolkit.

  • Subject access requests

    We can assist with responses to an individual’s request for data. This may include advising on relevant exemptions and preparing a response to the data subject (whether they are a customer or an employee). We can even handle large-scale requests that involve the review and redaction of thousands of documents. Goodbye admin burden.

  • Cyber attacks

    Crisis management. Urgent support. After a cyber incident we’re here to help businesses respond and manage their reputation.

  • Data breach claims

    We defend businesses in civil claims for compensation made by data subjects following an alleged data breach.

  • Complaints to the ICO

    We assist organisations with complaints made about them to the ICO. We can help mitigate the risk, saving you time and money.

  • Other regulatory issues

    We advise on obligations to notify other regulators. This may be the Financial Conduct Authority or the Care Quality Commission. Whoever you report to, we have you covered.

  • Training

    Our team can provide data protection compliance training to your organisation and their employees.

contact us
Contact our Data Protection team

Contact a member of the team via their profile page, or simply fill out this form and they will get back to you.

Or call us:

0800 923 2076

The Data Protection team

Our data protection team work collaboratively with businesses and organisations of all sizes across various sectors to provide comprehensive and balanced legal advice.

Data Breaches - When, Not If

We come into contact with clients’ cyber and data protection issues every day and understand the profound effect they have on businesses, reputations and livelihoods.

For an SME, it is all too easy to dismiss cyber incidents and data breaches. Too often, these are seen as issues that only affect much larger entities or organisations that hold certain types of special category data. “It’s not going to affect us” is a very dangerous mindset. In this day and age, a data breach is a question of when, not if.

Read our report to find out how businesses can reduce the risk.

Read our report now

Additional legal services

Business Dispute Resolution
In the ever-changing legal landscape, with sharpening competition and advancing technology, our clients are facing new and unique challenges.
HR and employment law
The effective recruitment and management of care staff are key to achieving and maintaining a safe, caring, responsive and effective care business.
Corporate
We are a dynamic, forward thinking team of corporate lawyers with the technical knowledge and experience necessary to get deals done.
commercial lawyers
Commercial
Successful outcomes by becoming an extension of clients’ teams. We are commercial lawyers who understand your business and deliver results.

Read more from around RWK Goodman

Opinion  |  23:07:24
The Rise of Drone “Auditors” – Data Protection Considerations
There has been a recent rise in the number of online content creators turning up outside industrial sites in the UK and recording video footage using both body camera footage and flying drones above the premises.
Deepfake rwk goodman
Opinion  |  19:06:24
Deepfake scams: How to protect your business from financial fraud
Podcast  |  30:11:23
Ransomware: to pay, or not to pay? | Legal Thinking Podcast
In this episode we speak to Carl Selby and Fran Tremeer, following their 'When, Not If' Cybersecurity report, about how businesses should respond when they're the victim of a ransomware attack.
Employee data
Opinion  |  08:06:23
Subject access request 101: ICO’s guidance for employers
On 24 May 2023, the Information Commissioner’s Office (‘ICO’) published new guidance for employers on how to deal with a Subject Access Request (‘SAR’).
Opinion  |  17:04:23
TikTok’s fine: what it means for businesses, and how you can avoid the same mistakes
TikTok has rapidly become very popular as a social media platform. Despite its success, it has received one of the largest fines ever issued by the Information Commissioner’s Office (ICO) for misusing children’s data....
Opinion  |  19:12:22
EU-US Data Privacy Framework – what you need to know now the draft adequacy decision has been published
Irene Trubbiani Montagnac explains what you need to know following the draft adequacy decision that comes as part of the EU-US Data Privacy Framework, which replaces the Privacy Shield.
Opinion  |  28:09:22
Important deadlines for companies transferring personal data out of the EU and UK
The New Standard Contractual Clauses On 4 June 2021 the European Commission adopted the New Standard Contractual Clauses (New SCCs), a primary mechanism for lawfully transferring personal data outside the EU. The deadline for...
IDTA
Opinion  |  03:08:22
Time is running out – deadline for the old EU standard contractual clauses draws near
On 21 March 2022 the International Data Transfer Agreement (“IDTA”) and the international data transfer addendum to the European Commission’s standard contractual clauses for international data transfers (the “Addendum”) came into force.
Opinion  |  24:06:22
Government proposes to shake up data protection regime
On 17 June 2022 the Department for Digital, Culture, Media & Sport (“DCMS”) issued a press release announcing the new data laws that would take effect as a result of the planned Data Reform...

View more articles related to GDPR