Data Protection

Kingsley Napley’s GDPR and Data Protection team brings together extensive specialist experience advising individuals, businesses and public bodies on all types of data protection issues.

Find out how we can help

Data protection law is an issue that cannot be ignored, especially given the enhanced rights and obligations of the General Data Protection Regulation (GDPR). Our highly experienced data protection lawyers advise on a broad range of complex data protection issues. 

The significance of data protection law continues to grow and raises issues of fundamental importance to individuals, businesses and organisations. We help individuals and business negotiate this complicated area of law, ensuring personal data is protected and helping to manage the consequences when it is not.

Assisting you in complying with the data protection law

Our specialist team can provide your organisation with properly targeted, well-rounded and expert legal advice so you can meet the expectations of the GDPR.


Supporting you in the event of data breach

The financial and reputational damage caused by a data breach can have devastating consequences to businesses and organisations.


Data Protection Solicitors

Our data protection team comprises individuals from a wide range of disciplines including public lawemploymentcorporate and commercialcriminal litigationimmigration, and regulatory, providing you with properly targeted, well-rounded and expert advice.

Data Protection Insights

View all


The privacy dilemma surrounding the coronavirus contact tracing app

COVID-19 and contact tracing apps: A test of public confidence in data privacy?

ICO enforcement – key considerations for businesses and organisations in 2020

An early Christmas present for the tech sector from the CMA?

Data protection for your business after a no-deal Brexit

“WhatsApp” with Dominic Grieve’s motion for Brexit communications?

Overhaul of SARS regime to be welcomed

WhatsApp messages: a treasure trove of evidence in team moves

How to respond to a subject access request: a step by step guide for organisations

Innovation and data protection compliance: when opposites attract

Our current Brexit options and the consequences for UK data protection law

GDPR Compliance for US Companies

Brexit Update: EU-US Privacy Shield

GDPR for the UK: Brexit and international transfers of personal data

Care homes take heed: if you have failed to pay the ICO data protection fee you could be breaking the law

GDPR and Brexit: the draft withdrawal agreement and data transfers from the EU

Data Protection and the Law of Unintended Consequences…

Disclosure of Suspicious Activity Reports may not amount to Tipping-off, says High Court

Data Protection Act 2018 and law enforcement: an introduction

The Data Protection Act 2018: new criminal offences for data breaches

Data breach reporting – the only way is up

Joint data controllers – yet more data protection uncertainty

Some welcomed guidance for data controllers: Court of Appeal confirms the correct test to be applied when considering a SAR concerning mixed data

GDPR: The significance of the new principle of accountability

The ICO’s Regulatory Action Policy: What to expect in the new GDPR era

GDPR: A guide for therapists

UK-EU security cooperation post Brexit (Part II) - ringing the alarm bell!

UK-EU security cooperation after Brexit (Part I) - approaching the cliff edge

The Data Protection Bill - New Criminal Offences for Data Protection Breaches On Their Way to the Statute Book

Subject Access Requests under the GDPR: What employers need to know

Data protection: A new board room priority

GDPR & Brexit: Data transfers from the EU and the UK’s new status as a “third country”

The £17 million Question - What will the ICO’s enforcement powers be under the GDPR, and how will they be used?

Social Media Giants vs Children – the truth behind social media contracts

An introduction to contracts between data controllers and data processors under the General Data Protection Regulation

When is a data controller liable for the criminal acts of a rogue employee?

The real impact of the GDPR… new notification obligations

An introduction to Data Protection Officers under the GDPR: Should you appoint one?

The EU-US Privacy Shield – One Year On and Still Going Strong

Data Protection – can employers still monitor employees’ communications in light of Barbulescu v Romania?

Block chain: Is the GDPR out of date already?

Implications of GDPR and new Data Protection Bill for employers

Data Protection – 10 further top tips for responding to subject access requests

The Queen’s Speech 2017 – Setting the parliamentary agenda

More to do on cyber-security: half of UK businesses suffer cyber-security breach

Data Protection – even MORE practical guidance from recent case law on subject access requests

Further chinks in the armour? EU-US Privacy Shield and the concerns of MEPs

Patient confidentiality in the spotlight

The GDPR: What do employers need to be doing now?

Entrepreneurs and small businesses need to prepare now for the new data protection regime

The first challenges to the EU-US Privacy Shield

Close Load more

Skip to content Home About Us Insights Services Contact Accessibility