International privacy & data

Our experienced Privacy & Data team have international work at the heart of what they do. In an increasingly globalised world, the exchange of data knows no borders and neither do we. Our privacy and data team are experts in laws around the world.

With one of the largest teams in Europe, we support many global companies from our UK base. Our relationships with regulators in the EU, Americas, the Middle East and Asia means that we can provide clients with the one-stop service needed to deliver a holistic global coverage of their data protection, direct marketing and information governance work.

The team’s full-service offering includes:

  • A full outsourced global DPO (Data Protection Officer) service
  • All aspects of global privacy, including the implementation of Binding Corporate Rules (EU and UK)
  • Advising in relation to multi-jurisdictional breaches of the Privacy and Electronic Communications Regulations (PECR) in light of the proposed ePrivacy Regulation, and liaising with businesses to achieve commercial settlement of disputes
  • Managing global potential data breaches for our clients including assessment, remediation, damage and reputation protection, liaising with regulators and managing claims
  • Wider data protection and data security matters, including compliance plan risk assessment and action notification obligations, data mapping obligations, communications with privacy regulators around the world as well as advising on changes to global data protection policies and procedures
  • Strategic support on safeguarding data transfers internally within group organisations and externally with vendors and suppliers in order to meet the 27 December 2022 deadline for the new EU SCCs
  • Thought leadership and know how advice about global legal developments with pragmatic solutions
  • Managing relationships with privacy regulators around the world
  • Providing data subject access request support to multinationals
  • Advice and support on NIS obligations around Europe
  • Advice and support on AdTech issues around Europe

Our recent privacy and data experience includes:

  • Producing template data transfer agreements (DTAs) for a US-headquartered health data processor with complex data flows across Europe relating to clinical trial support
  • Acting for Belden Group, a global provider of industrial networking solutions, in its global data breach involving regulators across 26 countries. We were the sole counsel in every country except the USA
  • Undertaking the world’s first EU Controller and Processor Binding Corporate application (BCR) for Reinsurance Group of America Inc post GDPR
  • Supporting WeWork on a wide range of privacy and data matters, acting as its sole counsel across 36 of the 37 countries they are active in
  • Acting for Chronomics, world leaders in bio-infrastructure, and supporting its global privacy and data protection journey
  • Supporting multiple global life science organisations on their complex health-related global privacy compliance plans and operational excellence
  • Acting for a number of high-profile US-based retailers on all privacy and marketing aspects of their UK and EEA operations, including full compliance programs for entry into new territories
  • Advising a global software superstore for developers and IT pros on its contractual and general privacy compliance
  • Advising Hilton Grand Vacations on its global privacy needs in relation to a global HCM rollout with Oracle and other vendors

International services