Popular search terms

Click each term for related articles
COVID-19 Business awareness hub
Climate Change
Disputes Funding
Clyde Code
Resilience
Training contract
Careers

Expertise

Data Protection & Privacy

We provide businesses with full service data protection and privacy advice across all industry sectors, enabling clients to focus their resources on other business needs.

Data privacy and protection is absolutely fundamental to all types of organisation due to the increasing threat of malicious hackers with the ability to leverage and monetise information.

Multi-national organisations face a web of complex and conflicting laws and regulations surrounding the collection, use, retention, and disclosure of information.

This requires careful attention to data privacy at every stage of the business cycle to avoid the negative publicity surrounding data breaches.

Our team brings together a wealth of experience across a range of sectors and industries to keep you on the cutting edge of developments in the industry. Our strong working relationships with the regulators and industry bodies enable us to resolve issues and provide practical commercial advice.

We advise a wide range of businesses including retailers, insurers, hospitals, information service providers, technology start-ups, financial institutions, educational institutions and governments across the world on the full range of data issues.

Data Protection & Privacy insights

Cyber Risk

English High Court permits service by NFT

Climate Change | Energy & Natural Resources

Energy tech | Technology and efficiency in a revolutionised energy sector

Data Protection & Privacy

Changes to technology and data laws in Saudi Arabia

Cyber Risk

Facebook Found Liable in Privacy Class Action

Australia: The dawn of a new AFSL cyber risk management standard – Implications of the RI Advice Gro

Privacy Awareness Week: 5 tips for improving your organisation’s privacy and cybersecurity practices

Casualty claims | Insurance & Reinsurance

Casualty | Client collaboration drives rapid digitalisation in casualty insurance

Data Protection & Privacy

Bahrain issues new privacy guidelines supplementing the Personal Data Protection Law

28 April 2022

Employment, Pensions & Immigration

Government announces new statutory code to protect employees from “fire and rehire” tactics to chang

06 April 2022

Data Protection & Privacy

Qatar Financial Centre updates its data protection law in line with the GDPR

06 April 2022

View all Data Protection & Privacy insights

Our Data Protection Work

All
Americas
Asia Pacific
Middle East
UK & Europe

Compliance with local and international data protection and privacy legislation

Advising clients on their compliance with local and international data protection and privacy legislation, in particular in relation to the legal requirements relating to security of personal information, in the event of a data breach

Australia

Internal data sharing security and management policies

Advising international reinsurance company on internal data sharing security and management policies

Australia

Advice on data protection for online sales

Advising on data transfer, data protection and privacy in relation to the sale of an online portal and the spin-out of certain other online businesses

United Kingdom

Advice regarding data policy implementation

Advising on and drafting cyber policy wordings for the London market

United Kingdom

Advice regarding handling of consumer data breach

Advising US insureds and insurers with respect to the handling of consumer lawsuits arising from data breaches

United States

Advice relating to data storage and disaster recovery

Advising clients on the international transfer of data for the purposes of data storage and disaster recovery

United Kingdom

Advising clients on compliance with the new EU General Data Protection Regulation

Clyde & Co acts for a number of airlines in respect of their data protection compliance, often carrying out large scale compliance projects regarding the protection and use of personal data and general data and document retention. These complex projects involve analysing the collection and processing of personal data of an airline and ensuring that the airline is compliant with UK laws in this area including reviewing current agreements and policies in place and drafting appropriate data...

United Kingdom

Advising clients on the ‘breach readiness’ of their systems

Advising insurance and financial services clients on the review and audit of their systems and processes to ensure procedures are in place to detect, report and investigate personal data breaches

Australia

Advising high profile insureds and insurers regarding federal and state law requirements

Advising high profile US insureds and insurers with respect to federal and state law requirements in connection with large scale breaches involving personal information and protected healthcare information

United States

Advising on cyber hacking and loss of customer data

Advising a regulated business on the cyber hacking of its systems resulting in the loss of significant numbers of customer data including financial, sensitive personal data and credit card details, including identifying and assessing the risks, managing and mitigating loss and monitoring and reporting to the FCA, Fraud Squad and Information Commissioners Office

United Kingdom
Ensuring compliance of law relating to cyber risk insurance

Advising a Canadian insurer on cyber risk insurance wordings for use in the province of Quebec and compliance with Quebec law

Canada

International data breaches

International data breaches involving Fortune 100 companies and residents in numerous countries

United States

Data breaches arising from human or external error

Data breaches involving protected healthcare information (PHI) arising from both human error and external intrusions

United States

Business loss cause by service attack

A distributed denial of service attack, which caused the website of a major retailer to shut down for nearly 72 hours, leading to business interruption loss and other first party loss

United States

Coverage and monitoring counsel to cyber insurers

Coverage and monitoring counsel to cyber insurers in connection with the largest data breaches in history, including breaches involving over one hundred million lost records and cutting edge forensic investigations, which have resulted in substantial breach response costs, public relations expenses and business interruption losses, as well as class action lawsuits in the US and Canada, and regulatory investigations throughout the world

United States

Advising high profile insureds and insurers regarding federal and state law requirements

Advising high profile US insureds and insurers with respect to federal and state law requirements in connection with large scale breaches involving personal information and protected healthcare information

United States

Assist regarding the issuance of breach notification letters

Advising US insureds and insurers with respect to the issuance of breach notification letters in connection with data breaches

United States

Advice regarding handling of consumer data breach

Advising US insureds and insurers with respect to the handling of consumer lawsuits arising from data breaches

United States

Advising regarding regulatory investigations by the OCR etc

Advising US insureds and insurers with respect to regulatory investigations by the OCR and various state attorneys general following data breaches

United States

Advising on matters involving significant breaches of personally information

Analysing available coverage and advising insurers and insureds involved in significant breaches of personally identifiable information and/or protected health information regarding coverage and/or coverage limitations in connection with first party, regulatory and third party claims

United States
Advising clients on the ‘breach readiness’ of their systems

Advising insurance and financial services clients on the review and audit of their systems and processes to ensure procedures are in place to detect, report and investigate personal data breaches

Australia

First response to data breaches and cyber threats

Advising clients with regards to first response to data breaches and cyber threats, including in relation to cyber breaches, systems failures and inadvertent disclosures

Australia

Major government and regulatory inquiries/investigations

Managing major government and regulatory inquiries/investigations with expertise in dealing with all of the main Australian regulators including APRA, ASIC, ACCC and the OAIC

Australia

Data protection and privacy legislation

Advising clients on their compliance with local and international data protection and privacy legislation

Australia

Post breach review

Advising international financial services company on post breach review and enhancement of deficient systems, and in relation to staff training and awareness of systems and obligations

Australia

Internal data sharing security and management policies

Advising international reinsurance company on internal data sharing security and management policies

Australia

Compliance with local and international data protection and privacy legislation

Advising clients on their compliance with local and international data protection and privacy legislation, in particular in relation to the legal requirements relating to security of personal information, in the event of a data breach

Australia
Data protection legislation across the Middle East

Advising clients in respect of data protection legislation applicable in various jurisdictions in the Middle East, including the Dubai International Financial Centre, Qatar Financial Centre, Dubai Healthcare City, Dubai Technology and Media Free Zone and twofour54

United Arab Emirates

Online product compliance with GCC data protection laws

Advising a leading, household name technology company in relation to the compliance of its online products with data protection laws in various GCC countries.

United Arab Emirates

Employee monitoring policy in the DIFC

Advising a multinational bank on its policy for employee monitoring in the DIFC.

United Arab Emirates

UAE focused data protection policy for leisure company

Drafting a UAE focused data protection policy for a major hospitality and leisure company

United Arab Emirates

Significant data breach and employee disclosure

Advising a telecommunications hardware provider in relation to a significant data breach involving the disclosure of sensitive employee data

United Arab Emirates

CCTV in the office

Advising companies on the use of CCTV in office premises in various Emirates and free zones in the UAE

United Arab Emirates

International bank's data protection in the UAE

Advising an international retail bank on aspects of data protection, privacy and banking secrecy laws in the UAE and the DIFC

United Arab Emirates

DIFC data protection laws and regulations

Advising various ratings agencies and retail banks on the DIFC Data Protection Law and Regulations

United Arab Emirates

Data protection law compliance audit

Carrying out a data protection law compliance audit of a major insurer, including preparing questionnaires, interviewing personnel and preparing a report with recommendations and actions for the business to mitigate the identified risks

United Arab Emirates

University students phishing attack

Advising a university following a high profile phishing attack against its students’ university email addresses

United Arab Emirates
Advice on data protection for online sales

Advising on data transfer, data protection and privacy in relation to the sale of an online portal and the spin-out of certain other online businesses

United Kingdom

Advice regarding data policy implementation

Advising on and drafting cyber policy wordings for the London market

United Kingdom

Advice relating to data storage and disaster recovery

Advising clients on the international transfer of data for the purposes of data storage and disaster recovery

United Kingdom

Advising clients on compliance with the new EU General Data Protection Regulation

Clyde & Co acts for a number of airlines in respect of their data protection compliance, often carrying out large scale compliance projects regarding the protection and use of personal data and general data and document retention. These complex projects involve analysing the collection and processing of personal data of an airline and ensuring that the airline is compliant with UK laws in this area including reviewing current agreements and policies in place and drafting appropriate data...

United Kingdom

Advising on cyber hacking and loss of customer data

Advising a regulated business on the cyber hacking of its systems resulting in the loss of significant numbers of customer data including financial, sensitive personal data and credit card details, including identifying and assessing the risks, managing and mitigating loss and monitoring and reporting to the FCA, Fraud Squad and Information Commissioners Office

United Kingdom

Advising regarding email data breaches

Advising a university following a high profile phishing attack against its students’ university email addresses

United Kingdom

Cyber liability & data breach insurance policies

Providing review and drafting of policy wordings for cyber liability and data breach insurance policies

United Kingdom

Data & information management

Advising in regards to data and information management, including compliance, auditing and risk management

United Kingdom

Data dispute resolution

We are highly experienced in data dispute resolution, including court, tribunal and enforcement representations

United Kingdom

Data privacy & security advice

Advising on data privacy and security including data breach investigation and response

United Kingdom

Related services

Our Data, Protection & Privacy team

Lee Astfalck

Partner

Nicholas Bathurst

Partner

Richard Berkahn

Partner

Scott Bertschi

Partner

Mark Beswetherick

Partner

Ian Birdsey

Partner

Harry Boyle

Partner

Anthony Brown

Partner

Chris Burdett

Partner

Fergal Cathie

Partner

Joyce Chan

Partner

View all Data, Protection & Privacy partners

Show more