Data & privacy

Commercial contract and data protection advice to a medium sized business in the marketing industry

Our client is a medium sized enterprise which provides marketing communication and market research services to large multiple retailers. We offer them a range of legal support and advice for corporate and commercial issues including mergers, acquisitions, contracts and compliance.

Thomson Snell & Passmore advise educational software company on terms of business and data protection

Thomson Snell & Passmore advises a new data business on data protection compliance

Our client, Lifeproven Limited is working on an exciting new data initiative aimed at understanding how homes impact on health. We advised Lifeproven on the data protection implications of their venture, including starting a data audit in order to inform the preparation of an appropriately drafted privacy policy.

Supporting a Multi-Academy Trust (MAT) when one of their school’s received a Data Subject Access Request (DSAR) from a learner’s parents.

A learner was involved in an incident at School, and following this, the parents made complaints to the ICO and served a DSAR.

Thomson Snell & Passmore advise property search start-up on their terms of business

We advised a start-up specialist property search business on the considerations for getting started including the choice of corporate forms and the benefits and disadvantages of each as well as terms of business.

Data Subject Access Request (DSAR) in an independent school

Thomson Snell & Passmore assisted an independent faith school in relation to  number of personal data requests.

Providing an updated suite of GDPR-compliant documents for a UK-based ventilation company

This UK company supplying ventilating equipment needed advice on GDPR and in particular, assistance in respect of their website privacy policy,

Thomson Snell & Passmore advises local South East business on IT contracts and data protection compliance

Leading South East law firm Thomson Snell & Passmore has successfully advised block management software company, Resident Property Management Ltd, in updating their standard customer licence agreement for Resident's proprietary block management software.

Drafting terms and conditions to limit liability for a flying school

Our client operates a flying school and we were engaged to prepare the terms and conditions that would apply to hands-on flying lessons and, for experienced flyers, the hire of rotary-wing aircraft.

What has the global pandemic meant for businesses and commercial law?

Our Corporate and Commercial team has been incredibly busy in recent months. Here, we look at some of the commercial work we have been helping clients with during the pandemic.

New ICO Guidance in relation to Data Subject Access Request

Back in December of 2019 the Information Commissioner’s Office (ICO) held a consultation outlining guidance for dealing with Data Subject Access Requests (DSARs.)

Largest fine yet levied against employer for breach of GDPR regulations concerning employee data

The German branch of the Swedish clothing manufacturer H&M have been handed a huge fine in excess of €35 million by the Hamburg Data Protection Authority, as a result of a breach of GDPR rules concerning employee data.

Data Sharing Considerations for Charities

Data protection in the time of COVID-19

I’ll admit it – I clicked the link. I will make the excuses; I am trying to work from home and keep a 5 year old occupied on something other than YouTube; I was quickly dealing with the quick-wins in my inbox, it sounded genuine (we would update our email footer, at a time like this, right?)

Taking a Holistic View

Joanne Gallagher recently spoke to South East Business about how to deal with a rapidly changing situation

UPDATED: COVID-19: guidance in relation to Data Protection

The ICO has issued brief guidance to data controllers in relation to the COVID-19 outbreak.

Reminders for Data Protection Day for UK based businesses

If you control personal data, you will need to register with the Information Commissioners Office (ICO) and pay a fee unless you are exempt. You can check whether you are required to register here: https://ico.org.uk/for-organisations/data-protection-fee/self-assessment/

How UK companies can prepare for a new national GDPR post-Brexit

Thomson Snell & Passmore discusses how UK firms can prepare for a new national regulation for data post-Brexit

UK may become GDPR 'third country': what does this mean for you?

At the end of this month, the UK is set to leave the European Union. The Government still hopes for a deal but it remains to be seen whether an adequacy decision for the purposes of the General Data Protection Regulations (GDPR) will form part of that deal. If it doesn’t, or if the UK exits with “no-deal,” the UK will be a third-country for the purposes of GDPR in the remaining EU member states and Iceland, Lichtenstein and Norway (the additional countries that along with the EU form the EEA).

Signatures for the digital age

Business people often type their name at the end of emails setting out agreements. And some have taken to inserting images of their signatures onto documents with a signature block, but most will not have considered whether this actually constitutes valid execution of a document. 

Data Protection fines – what employers should really be nervous about this Halloween…

UK data protection legislation, including the new GDPR, is enforced by the Information Commissioner’s Office (ICO). The ICO has the authority to issue monetary fines of up to 4% of a company’s annual worldwide turnover, or 20 million euros, for those in breach of their data protection duties.

Breach of confidence - but what’s it worth?

A recent case in the High Court has resulted in a business being awarded just £2 in nominal damages, to compensate for two of its employees retaining the business’s confidential information in breach of their duties.

Data Protection and Consent - ICO Guidance

All businesses should be aware that you need a lawful basis for processing your customers’ personal data. If you rely on consent, then this must be freely given, specific and a clear indication of the individuals’ wishes under The Data Protection Act 2018 (DPA). 

Brexit - there is a great deal to think about

Senior Partner, James Partridge speaks to the Times of Tunbridge Wells and describes the impact that the Leave vote will have on businesses and looks at five key areas including commercial contracts, dispute resolution, employment, commercial property and data protection.  

Changes to Data Protection Law