Skip to Main content

Search results for ''...


Sorry, there were no results

Newsletter Sign Up

I would like to receive newsletters, event invitations and publications from Thomson Snell & Passmore by email on the following topics (tick all those that apply) and consent for my data to be processed for this purpose.

We respect your privacy and want news to be relevant. To either, click here or update your preferences by emailing us at info@ts-p.co.uk. Your personal data shall be treated in accordance with our & .

Get In Touch

By submitting an enquiry through 'get in touch' your data will only be used to contact you regarding your enquiry. If you would like to receive newsletters from Thomson Snell & Passmore please use the separate form below.

Newsletter Sign Up

I would like to receive newsletters, event invitations and publications from Thomson Snell & Passmore by email on the following topics (tick all those that apply) and consent for my data to be processed for this purpose.

We respect your privacy and want news to be relevant. To either, click here or update your preferences by emailing us at info@ts-p.co.uk. Your personal data shall be treated in accordance with our & .

Get In Touch

By submitting an enquiry through 'get in touch' your data will only be used to contact you regarding your enquiry. If you would like to receive newsletters from Thomson Snell & Passmore please use the separate form below.

  • Overview

    Data protection, GDPR and privacy law is a complex and fast-changing area with international differences adding an extra layer of complexity.  Data protection is the process of safeguarding important information from misuse, corruption or loss. Data protection has become much higher profile in an era of data and technology driven decision making and if you handle personal information about an individual, you have legal obligations regarding how you can process and store that information as set out in the Data Protection Act 2018. Private individuals are more aware of the value of their identity and wish to manage how their data is used and how they receive communications from businesses and organisations. 

    Currently the EU and UK has the most strictly enforced data protection regime in the world. This is set out in the General Data Protection Regulations (GDPR) and its UK variant, but other countries are following suit. The penalties for breaching data protection law are punitive and the Information Commissioner's Office (ICO) is clear that data protection “by design” should be built into all business processes in order to remain compliant with Data Protection legislation.

    You can also read more information on changes to data protection law.

    Compliance and business as usual

    Our professional data protection lawyers at Thomson Snell & Passmore have the ability to offer pragmatic advice on the legal framework of the Data Protection Act 2018 (which brings the GDPR into force). We can also advise you on the practical implications and challenges that you may face when trying to ensure that your organisation remains compliant.

    Led by experienced intellectual property and technology lawyers, our commercial team can assist businesses of all sizes, across various sectors, to control and process data while remaining compliant with data protection legislation. This includes data audits, preparation of privacy policies, preparation of data protection impact assessments and data sharing agreements.

    Through assisting Thomson Snell and Passmore’s internal processes to be GDPR compliant as well as supporting our clients, our lawyers have first-hand experience of the challenges faced and practical insights in ensuring compliance. Our data protection lawyers are experienced in their field and can provide you with high quality and expert support.

    Data Subject Access requests

    Under the current data protection regime, data subject access requests (DSARs) are a legal right of data subjects. The regulations surrounding proper compliance with DSARs are technical and the production of data can be a complex task. DSARs are increasingly being used in disputes as a method of disclosure and to burden parties. At Thomson Snell & Passmore, our team of data protection lawyers have expertise in advising clients about DSARs from employees and the educational sector.

    Personal Data Breaches - notifications

    Processing of personal data is no longer something to be undertaken without careful consideration. Unlawful processing or a data breach may both give rise to liability to data subjects for damages. The financial and reputational damage caused by unlawful processing and/or a data breach can have devastating consequences to businesses and organisations. 

    In addition to this, the ICO has powers to enter businesses where it suspects there are breaches of the Data Protection Act 2018. This can greatly impact a businesses ability to trade, and will eventually result in the organisation facing costs of dealing with an investigation. 

    Law cases in this area are fast developing. Both the arrival of the Data Protection Act 2018 and a wider appreciation amongst data subjects of the value of their data and data privacy has led to a growth in data protection, GDPR and privacy cases in the Court. Businesses should be aware that whilst individual claims may be financially small, the Courts are considering a number of data protection cases of group or representative actions which can result in large numbers of small value claims being dealt with together as single high-value dispute.

    Our dispute resolution specialists at Thomson Snell & Passmore can support business clients subject to claims in terms of either mounting a defence or settlement of damages claims. Where there are international issues, we can call upon our international network of partner firms to help steer you through the many local differences that complicate data protection worldwide.

    Our lawyers can advise you on:

    • Data Protection Act 2018 for data controllers and data processors
    • Compliance with the General Data Protection Regulations (GDPR) including 
      • privacy policies and data protection statements on websites or marketing materials
      • carrying out an audit of what personal data you hold and how you process it. 
      • preparation of  Privacy Impact Assessments for the purpose of understanding ongoing record keeping obligations 
      • checking whether your contracts with data processors (in particular) contain GDPR compliant data protection clauses
      • preparing mandatory data sharing agreements
      • checking consent wording that has been used to collect email address data sets for direct marketing is GDPR-compliant.  
      • identifying whether you are required to appoint a Data Protection Officer and, if so, whom you might appoint (the required qualifications are quite high).
    • Use of personal data for marketing and advertising and compliance with the Privacy and Electronic Communications Regulations
    • Sale and purchase of databases
    • Database rights and management
    • Licensing databases
    • Data protection laws specific to schools and education
    • Personal data issues arising in employment matters
    • Data subject access requests and the application and impact of the Freedom of Information Act
    • The transfer of personal data outside of the EEA
    • Data breach notifications
    • Data security
    • Confidentiality agreements
    • Claims for damages by data subjects

    Our approach

    Our team of commercial data protection lawyers obtain an in-depth understanding of the industry, and are aware that the commercial conditions under which you operate and your strategic objectives are vital when providing effective legal advice on data protection. With an in-depth understanding of the industry and extensive experience of IT and IP, we can support your data protection compliance effectively. We provide tailored advice which reflects your business objectives, minimises risk, remains compliant and operates in a cost effective manner.

    At Thomson Snell & Passmore, our data protection lawyers provide a robust and commercially appropriate framework, which is designed to exploit your assets, protect your rights and prevent disputes arising. We take a hands-on approach to give practical advice, which enables our clients to operate effectively on a day-to-day basis.

    If a data breach or complaint should occur, we will provide our clients with practical guidance in order to manage the issue. We can advise our clients on which steps to take, or if the client needs to focus elsewhere, we can step in on the behalf of them.

    If you would like to further discuss any of the information detailed above with our team of data protection lawyers, please contact Joanne Gallagher, Head of Corporate & Commercial on 01322 623708 or at joanne.gallagher@ts-p.co.uk.

     

     

  • Related Client Stories

    Commercial contract and data protection advice to a medium sized business in the marketing industry

    Our client is a medium sized enterprise which provides marketing communication and market research services to large multiple retailers. We offer them a range of legal support and advice for corporate and commercial issues including mergers, acquisitions, contracts and compliance.

    Thomson Snell & Passmore advise educational software company on terms of business and data protection

    Thomson Snell & Passmore advises a new data business on data protection compliance

    Our client, Lifeproven Limited is working on an exciting new data initiative aimed at understanding how homes impact on health. We advised Lifeproven on the data protection implications of their venture, including starting a data audit in order to inform the preparation of an appropriately drafted privacy policy.

    Supporting a Multi-Academy Trust (MAT) when one of their school’s received a Data Subject Access Request (DSAR) from a learner’s parents.

    A learner was involved in an incident at School, and following this, the parents made complaints to the ICO and served a DSAR.

    Thomson Snell & Passmore advise property search start-up on their terms of business

    We advised a start-up specialist property search business on the considerations for getting started including the choice of corporate forms and the benefits and disadvantages of each as well as terms of business.

    Data Subject Access Request (DSAR) in an independent school

    Thomson Snell & Passmore assisted an independent faith school in relation to  number of personal data requests.

    Providing an updated suite of GDPR-compliant documents for a UK-based ventilation company

    This UK company supplying ventilating equipment needed advice on GDPR and in particular, assistance in respect of their website privacy policy,

    Thomson Snell & Passmore advises local South East business on IT contracts and data protection compliance

    Leading South East law firm Thomson Snell & Passmore has successfully advised block management software company, Resident Property Management Ltd, in updating their standard customer licence agreement for Resident's proprietary block management software.

    Drafting terms and conditions to limit liability for a flying school

    Our client operates a flying school and we were engaged to prepare the terms and conditions that would apply to hands-on flying lessons and, for experienced flyers, the hire of rotary-wing aircraft.

  • Latest Updates

    Largest fine yet levied against employer for breach of GDPR regulations concerning employee data

    The German branch of the Swedish clothing manufacturer H&M have been handed a huge fine in excess of €35 million by the Hamburg Data Protection Authority, as a result of a breach of GDPR rules concerning employee data.

    Data Sharing Considerations for Charities

    Data protection in the time of COVID-19

    Michelle Rule recently shared her thoughts with Information Age Magazine

    Taking a Holistic View

    Joanne Gallagher recently spoke to South East Business about how to deal with a rapidly changing situation

    UPDATED: COVID-19: guidance in relation to Data Protection

    The ICO has issued brief guidance to data controllers in relation to the COVID-19 outbreak.

    Reminders for Data Protection Day for UK based businesses

    If you control personal data, you will need to register with the Information Commissioners Office (ICO) and pay a fee unless you are exempt. You can check whether you are required to register here: https://ico.org.uk/for-organisations/data-protection-fee/self-assessment/

    UK may become GDPR 'third country': what does this mean for you?

    At the end of this month, the UK is set to leave the European Union. The Government still hopes for a deal but it remains to be seen whether an adequacy decision for the purposes of the General Data Protection Regulations (GDPR) will form part of that deal. If it doesn’t, or if the UK exits with “no-deal,” the UK will be a third-country for the purposes of GDPR in the remaining EU member states and Iceland, Lichtenstein and Norway (the additional countries that along with the EU form the EEA).

    Signatures for the digital age

    Business people often type their name at the end of emails setting out agreements. And some have taken to inserting images of their signatures onto documents with a signature block, but most will not have considered whether this actually constitutes valid execution of a document. 

    Data Protection fines – what employers should really be nervous about this Halloween…

    UK data protection legislation, including the new GDPR, is enforced by the Information Commissioner’s Office (ICO). The ICO has the authority to issue monetary fines of up to 4% of a company’s annual worldwide turnover, or 20 million euros, for those in breach of their data protection duties.

    Breach of confidence - but what’s it worth?

    A recent case in the High Court has resulted in a business being awarded just £2 in nominal damages, to compensate for two of its employees retaining the business’s confidential information in breach of their duties.

    Data Protection and Consent - ICO Guidance

    All businesses should be aware that you need a lawful basis for processing your customers’ personal data. If you rely on consent, then this must be freely given, specific and a clear indication of the individuals’ wishes under The Data Protection Act 2018 (DPA). 

    Brexit - there is a great deal to think about

    Senior Partner, James Partridge speaks to the Times of Tunbridge Wells and describes the impact that the Leave vote will have on businesses and looks at five key areas including commercial contracts, dispute resolution, employment, commercial property and data protection.  

  • Insights

Newsletter Sign Up

I would like to receive newsletters, event invitations and publications from Thomson Snell & Passmore by email on the following topics (tick all those that apply) and consent for my data to be processed for this purpose.

We respect your privacy and want news to be relevant. To either, click here or update your preferences by emailing us at info@ts-p.co.uk. Your personal data shall be treated in accordance with our & .

Get In Touch

By submitting an enquiry through 'get in touch' your data will only be used to contact you regarding your enquiry. If you would like to receive newsletters from Thomson Snell & Passmore please use the separate form below.

Their commerciality is important - they know where we want to get to.

Client
Related Services
^
Jargon Buster Related Services