Privacy & data

Data transcends borders, and so do we

Get tailored global privacy solutions and practical advice from our leading privacy and data professionals

Welcome to the Shoosmiths Privacy & Data Team.

We are a truly full-service privacy and data practice that sets itself apart: over 20 dedicated advisers and sector specialists, offering global support and technology solutions, all informed by an incredible level of commercial and in-house experience, including with leading privacy regulators. 

How we can help

We can shape your privacy and data function in the following ways:

  • Build: we design, build and implement the foundations of your privacy, AI, cyber and other data compliance, on a global scale
  • Support: we provide business-as-usual and ad-hoc support, including a fully outsourced DPO service
  • Optimise: we use our experience to transform your data function into a centre of excellence
  • Protect: we advise you on security laws and standards to help you keep your data and systems safe, secure and resilient
  • Commercialise: we offer data licensing, IP and consultancy advice to make sure you leverage your data to its fullest potential
  • Automate: we help you to deploy artificial intelligence and automation technologies safely, responsibly and in compliance with complex regulatory frameworks
  • Resolve: we steer you through complex data complaints, disputes and investigations, and support you in times of crisis

theJPA.club

Join over 200 members of our community and help us build tomorrow’s privacy leaders, today.

Click below to find out more about the benefits of free membership and to sign up.

Find out more

An overview of our services

We provide fully tailored privacy and data services, which can be scaled up or down to meet your requirements. This lets you stay in control of your privacy compliance and commercial data budget with the scope, and flexibility, that works for you.

Details make the difference, so we have put together a snapshot of what we offer to businesses and organisations of all shapes and sizes:

 

BUILD

SUPPORT

OPTIMISE

PROTECT

COMMERCIALISE

AUTOMATE

RESOLVE
  • Audit & gap analysis
  • Data mapping
  • Documentation
  • Implementation
  • Registration & representation
  • Global & group compliance including Binding Corporate Rules
  • Advice & training
  • Data breaches
  • Routine data subject & third party rights requests and complaints
  • Policy, notice & register maintenance
  • Risk & role assessments
  • Contracts & procurement
  • Cross-border data transfers
  • Projects & privacy by design
  • Industry & function-specific advice including life-sciences, charities, financial services, HR, marketing and surveillance
  • Governance & awareness
  • Strategic advice
  • Technology implementation
  • Workflow & process improvement
  • Cyber-security & resiliency
  • Industry standards
  • Online safety & product conformity
  • Data monetisation & acquisition
  • Data licensing & APIs
  • Data & digital service contracts
  • IP protection
  • M&A support
  • Specialist technology advice including on Adtech, AI and Web3
  • AI & ADM (automated decision-making) policies
  • Explainability statements
  • Governance and mapping
  • Role analysis
  • Risk assessments
  • Supplier assessments

 
  • Disputes & legal proceedings
  • Complex data subject complaints
  • Large-scale data subject access requests
  • Regulatory enquiries & investigations
  • Crisis response and breach management

 

The team punch well above their weight and all take a pragmatic approach to their advice based on their unparalleled experience working with regulators, large multinational, and domestic clients. You’d be hard-pressed to find a better privacy team.

Chambers, 2025

Their quality of advice, pragmatism, and level of client-focus is unparalleled. They can advise on everything from DPAs up to complex binding corporate rule arrangements and huge CRM onboardings. I simply wouldn't go anywhere else for data privacy advice.

Chambers, 2025

The team is full of brilliant lawyers with a truly diverse background.

Chambers, 2025

Highly skilled and capable with excellent global knowledge of privacy laws.

Chambers, 2025

Offer unique industry insights. They take the time to really understand your business and its risk profile before advising – they don't just shoot from the hip.

Chambers, 2025

Who we work with

Our experience

We have helped hundreds of clients navigate and prepare for data protection and privacy laws all around the world. This includes every legislative acronym bar none, including the EU/UK GDPR, DPA, PECR, NIS, FOIA, CCPA/CPRA, DMA and DSA.

Here are just a few examples of our work and the challenges we have helped our clients to overcome:

  • Unlocking time and energy for business leaders by acting as an outsourced data protection officer/manager for several global organisations, including in the leisure, advertising, real estate, technology, life sciences and retail sectors
  • Heading off legal and reputational calamity by litigating a £multi-million dispute arising from a data breach in a precedent-setting claim, and handling notifications to the ICO, FCA, data subjects and police
  • Helping organisations achieve future-proof data transfers by enabling over 20 BCRs applications including the world’s first controller/processor BCR approved by the EDPB
  • Creating a direct marketing re-permissioning strategy for a 100m subscriber CRM database to strike a workable balance between the compliance and commercial needs of the business
  • Creating a policy framework with a practical and streamlined approach to CCTV requests for a client at risk of being overwhelmed
  • Assisting a global automotive manufacturer monetise connected car data by leveraging privacy enhancing technologies to unlock pure IP income

Our key products

SmartSAR

SmartSAR
Resiliency by Shoosmiths

Resiliency by Shoosmiths
Automated Data Compliance

Automated Data Compliance
Data Protection Officer Services

Data Protection Officer Services
SHOC 24

SHOC 24

Recognition

Legal_500_UK_Top-tier_firm_2025Chambers 2025GDR 100 2024    iapp Silver Member logo


Our insights and community work

Global privacy & data updates

We provide a regular update with the latest legal and industry developments in the world of privacy and data, sign up to get them delivered straight to your inbox.

Take a look at some of our previous editions below.

 

Download

Download

Download

Policy and industry work

We contribute to legislative discourse and policy in a variety ways, including through our role on advisory boards, industry panels and responses to government consultations.

Please see below our recent consultancy responses.

ICO Anonymisation Guidance

September 2022

ICO Children’s Code

December 2022

DPDI2 Bill

May 2023

ICO Biometric Data Guidance

October 2023

EDPB Guidance on ePrivacy Article 5(3)

January 2024

ICO generative AI guidance Parts 1 and 2

April 2024

EDPB Pseudonymisation Guidelines 01/2025

February 2025

 

Lights, Camera, Privacy! podcast

We bring you, Lights, Camera, Privacy!, a podcast series that explores privacy themes within some of the most well-known movies. Whether you're a film buff, a privacy advocate, or simply curious about the intersection of storytelling and privacy, tune in to explore how the big screen tackles privacy.

Listen on Spotify, iTunes or our podcast page, or to a sample episode below.

 

Meet the team

Insights

Read the latest articles and commentary from Shoosmiths or you can explore our full insights library.