Data Protection

Data Protection

Data protection is the area of law which includes the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018 (“DPA”), these regulatory and enforcement provisions are overseen by the Office of the Information Commissioner (“ICO”). As the owner of a business, protecting your company data is vital, the GDPR and DPA regulate the control and processing of data by entities such as companies, firms and sole traders established in the UK.

Our data protection solicitors can advise you on a range of data protection law, from what is covered by data protection, preventing breaches and violations to who needs to register, and following the principles in the Data Protection Act 2018.

With the GDPR introduced since 25 May 2018, you may need legal advice on your existing data and privacy processes to make sure you remain compliant with this new regulation.

How does Brexit effect the DPA 2018 and the GDPR?

The GDPR has been transposed in to UK law as the UK GDPR. If you receive personal data from the EU or EEA then it can continue to flow as usual, unless it falls in the DPA 2018 immigration exemption. Within the UK, you must comply with DPA 2018.

What else does the DPA 2018 cover?

  • The DPA 2018 has a part dealing with processing that does not fall within EU law, for example, where it is related to immigration. It applies GDPR standards but it has been amended to adjust those that would not work in the national context.
  • It also has a part that transposes the EU Data Protection Directive 2016/680 (Law Enforcement Directive) into domestic UK law. The Directive complements the General Data Protection Regulation (GDPR) and Part 3 of the DPA 2018sets out the requirements for the processing of personal data for criminal ‘law enforcement purposes’.
  • National security is also outside the scope of EU law. The Government has decided that it is important the intelligence services are required to comply with internationally recognised data protection standards, so there are provisions based on Council of Europe Data Protection Convention 108 that apply to them.
  • There are also separate parts to cover the ICO and our duties, functions and powers plus the enforcement provisions. The Data Protection Act 1998 is being repealed so it makes the changes necessary to deal with the interaction between FOIA/EIR and the DPA.​

How Oracle Solicitors can help you

We can provide an expert service, covering all data protection issues your business could encounter. Our service includes explaining and dealing with:
  • Any registration processes
  • Buying and selling databases
  • Complaints made to the Information Commissioner’s Office (ICO)
  • Conducting a data privacy impact assessment
  • Contractual agreements and data protection clauses to protect your business
  • Data breach issues, including reporting
  • Data export issues with countries outside of Europe that do not provide “an adequate level of protection” under EU law, such as data transfer and international cloud computing
  • Data protection assessments and audits
  • Data retention and when records should be destroyed
  • Drafting data protection policies and processes
  • Your obligations under the current Data Protection Act 2018 and the GDPR
  • Due diligence when appointing new business partners
  • Electronic communications and marketing
  • Formal enforcement action by the regulator (ICO)
  • Staff training
  • Subject access requests and the new subject rights under GDPR
  • When you need to appoint a data protection officer and their duties of governance
  • Your data processing and sharing agreements
  • Your existing and potential websites and other digital user applications, including policies related to privacy, consent mechanisms, privacy dashboards, terms of use and cookies
  • Your obligations over the handling of employee data, recruitment and monitoring practices

Whether malicious or inadvertent, internal or external, breaches of data security have the potential to cause extreme disruption to individuals and businesses. As the frequency, severity and public awareness of data incidents have grown, the risks of reputational damage, substantial regulatory penalties and litigation from aggrieved data subjects have increased significantly, pushing business concern over data protection ever higher up in the corporate agenda.

Oracle Solicitors advises businesses and individuals with regard to data security, data protection policies, ICO investigations and audits, GDPR compliance and the defence of criminal and administrative proceedings under the data protection legislation.

We can ensure that mistakes are put right, private information stays private and that compensation is received for financial damage and emotional distress.

The sentencing for GBH can be a maximum of life imprisonment if there was intent in the assault. Less serious offences, ‘wounding without intent’, have a maximum prison sentence of five years.

  • Aviation House, 125 Kingsway
    London WC2B NH
    United Kingdom
  • (+44) 020-3051-5060

Book a call back

Fill out our form and one of our experts will get back to you.