Back to business services

Data Protection / GDPR

The protection of personal data has never been so important for businesses, regardless of their sector or scale. The rise in the number of high profile data breaches making the headlines has put organisations under intense scrutiny when it comes to how they handle personal information.

The General Data Protection Regulation (GDPR) set a new standard for the processing of European citizens’ personal information. The GDPR was implemented in the UK by the Data Protection Act 2018 and has been in force since 25th May 2018. The implementation of these new rules has led to consumers being much more aware of how their data is used. The strict new rules for the collection, processing, sharing and storing of personal data place significant responsibilities on all organisations that deal with the personal information of individuals. The consequences of failing to comply are substantial, both in terms of reputational damage and the fines that can be levied.

Whilst a significant element of GDPR compliance builds on best practice that most businesses will have already implemented under existing law, there is now also a significant additional burdens, including new requirements related to the rights of individuals over their personal data and the timescales for reporting data breaches. The level of responsibility will also vary depending on whether your organisation is classed as a Data Controller or Data Processor. For many businesses, there will be a requirement to appoint a Data Protection Officer (DPO).

As well as adherence to acceptable practices, a key requirement for compliance with data protection law is the implementation of a robust audit, record keeping and impact assessments, for which the use of an independent expert from outside the organisation can be beneficial.

In addition to providing comprehensive support for all matters concerning GDPR, we are also able to assist clients with ongoing legal issues arising from actions taken by the Information Commissioner’s Office (ICO).

Here at nexa law, our data protection lawyers are able to provide advice and support across a wide range of areas including:

  • Legal support for your designated DPO;
  • GDPR training and guidance at every level of the business;
  • Conducting or overseeing data audits in order to create accurate and appropriate data protection records and privacy notices;Reviewing, drafting and monitoring key data protection policies, procedures and precedents to ensure GDPR compliance such as: privacy notices; DPIAs; data breach procedures and, subject access guidance;
  • Reviewing website compliance;
  • Reviewing and updating data processing agreements to ensure they fulfil the required obligations at all times; Providing advice on correct handling of subject access requests, including issues such as document reviews and redactions; Advice and support for data breaches;
  • Legal representation for matters involving the Information Commissioner’s Office.

Unlike a traditional law firm, our experts have the flexibility to work with you exactly when and where you need them and thanks to our flexible approach to fees, we offer extremely competitive pricing. Get in touch today to find out more.

Who can represent me?

Our lawyers are listed A-Z by Surname

Andrew Elishahoff

+44 (0)20 7504 7071
00972 50 255 6668

Yasmine Lupin

+44 (0)20 7504 7071 ext 13
07957 977 600

Lisa McClory

+44 (0)01691 655 060 ext. 2279

Trusha Patel

+44 (0)3300 24 24 20 – ext 6
07512 374167
Value for money
Client focus
Client focus

Are you looking for Nexa to represent you?

Talk to Nexa

Why instruct Nexa?

Key Benefits

A guide to becoming a Nexa Consultant

Our Brochure

How are we different?

Our Core Values

Who will represent me?

Meet the Team

Looking for Nexa to represent you?

Get in touch with us today

Talk to Nexa
Did you find this page useful?