Information law, data protection and privacy

Information law, data protection and privacy involve a balancing act of competing rights and obligations. We can help guide you through the complexities.

Information law, data protection and privacy go to the very core of professional and personal interests, involving the delicate balancing of competing rights and obligations. Organisations must ensure that they comply with a wide range of legislation and regulatory guidance or face serious financial and reputational damage.

We are experienced in advising on the full spectrum of issues, including:

  • Proactive audits of compliance and best practice under legislation including the Data Protection Act 2018, the GDPR, the Freedom of Information Act 2000 and the Environmental Information Regulations 2004.
  • Defending your interests before the Information Commissioner and the Information Tribunals.

Our lawyers

Our expert lawyers have vast experience in providing strategic advice on information, privacy and data matters.

Our experience

  • Advising on a range of privacy matters, including drafting GDPR privacy notices, advising on the use of CCTV on clients’ premises, and advising the European Commission/TRL on legal issues around accessing in-vehicle data.
  • Assisting public sector clients in dealing with complex requests for information relating to confidential and commercially sensitive material, including complaints to the Information Commissioner’s Office.
  • Advising education organisations on appeals before the Information Tribunals in relation to the Freedom of Information Act 2000 and the Environmental Information Regulations 2004. This included requests for pre-publication academic research, access to course materials and employee salary disclosure.
  • Successfully representing an NHS trust client in Information Tribunal proceedings relating to access to deceased family members’ personal data.
  • Providing detailed, strategic risk management advice on a range of sensitive data security breaches to address the issues with minimal disruption to the clients' operations and manage staff communication and relations.
  • Advising a range of clients on data sharing activities, including proposed transfers outside of the EEA.
  • Providing on-site data protection audit services to ensure that information systems comply with legislation.

Our clients

We act for clients from across the private, public and charitable sectors, including: 

  • Children’s Investment Fund Foundation (UK)
  • BBC Children In Need
  • British Council
  • NHS England
  • Arm
  • Greene King
  • Advance HE
  • University of East Anglia
  • Financial Conduct Authority

GDPR

The EU General Data Protection Regulation (GDPR) and Data Protection Act 2018 are now in force.

Further reading

Sidebar content

Search

Mills & Reeve Sites navigation
A tabbed collection of Mills & Reeve sites.
Sites
My Mills & Reeve navigation
Subscribe to, or manage your My Mills & Reeve account.
My M&R
Register or login

Register or login Get all the benefits of MyM&R but registering or logging in ulla vehicula mauris mattis hendrerit fermentum. Etiam placerat hendrerit dapibus. Praesent ligula felis, eleifend sed odio quis, feugiat eros. Aliquam vitae felis fermentum, posuere nulla ut, maximus magna.

Register
Log in
Staff intranet
Log in to the intranet
Client extranet
Log in to the extranet

Please accept our use of cookies

We use cookies to help us understand how this website is used by our visitors, by continuing to use this site you are giving your consent to do this. Find out more.

Okay, got it
Close overlay