GDPR Compliance

Home Services Data Protection GDPR Compliance

Our specialist GDPR compliance team can provide you with practical, properly targeted, expert legal advice. Our data protection team comprises individuals from a number of disciplines including our corporate and commercial, employment and public law departments. We can:

Assist you in conducting a data processing audit
Advise upon the lawful bases of processing, including reliance upon consent
Draft privacy notices to meet the new standards of transparency
Advise upon website policies and cookies notices
Update contracts with data processors (including software and cloud service providers)
Advise upon international transfers, including implementing EC Model Contract Clauses
Advise on data protection aspects of corporate transactions, including asset and share sales.
Advise on electronic marketing in compliance with the Privacy and Electronic Communication Regulations
Advise upon the appointment, role and responsibilities of a data protection officer
Assist in maintaining records to demonstrate your data protection compliance

We can support the creation of a culture of data protection compliance throughout your organisation by:

Updating your information handling policies and procedures
Creating and present bespoke training

Our team includes specialist employment lawyers who can advise you about the handling of your employee data including:

Revising your contracts of employment and preparing privacy notices for employees
Reviewing relevant policies, including monitoring of employees, and retention / deletion of employee data
Advising concerning recruitment processes and preparing privacy notices for candidates
Assisting you in the event of receiving subject access requests in the context of employment disputes

CONTACT OUR COMPLIANCE TEAM >

Public Law

GDPR and Data Protection

Public Inquiries and Inquests

Partner

Email Emily

Melanie Hart

Dispute Resolution

Partner

Kirsty Churm

Employment

Legal Director

Edward Jones

Criminal Litigation

Senior Associate

Fred Allen

Public Law

Senior Associate

Caroline Sheldon

Corporate, Commercial & Finance

Associate

View key contacts

GDPR and Data Protection Insights

Blog

Top five takeaways from the Data (Use and Access) Act 2025

Christopher Perrin

Blog

A game changer for data processors? The ICO issues a significant fine against a processor

Christopher Perrin

Blog

Are personal details in asylum claims kept confidential? Protecting the privacy of asylum seekers and safeguarding confidentiality

Lavanya Loganathan

View all

Some welcomed guidance for data controllers: Court of Appeal confirms the correct test to be applied when considering a SAR concerning mixed data

Let us take it from here.

+44 (0)20 7814 1200

gdprenquiries@kingsleynapley.co.uk

21 October 2025

Breakfast seminar - US Expansion: Pitfalls and Opportunities in the Current Economic Climate

14 October 2025

Giving Nature a voice in the Boardroom

1 October 2025

'Responding to a Crisis’ half day conference

23 September 2025

Kingsley Napley's Tech Law Breakfast Briefing: who owns your code - and what’s it worth?

8 July 2025

Private Equity investment in the Professional Services sector webinar

Neurotechnology and the future of clinical negligence claims

Complexities of US state-level taxes

Assisting you in complying with the data protection law

+44 (0)20 7814 1200

Contact the team

Public Law

GDPR and Data Protection

Public Inquiries and Inquests

Melanie Hart

Dispute Resolution

Kirsty Churm

Employment

Edward Jones

Criminal Litigation

Fred Allen

Public Law

Caroline Sheldon

Corporate, Commercial & Finance

You may also be interested in:

→ Data Protection

→ Dealing with a Data Breach

→ Corporate, Commercial & Finance

→ Employment

→ Public Law

→ Commercial & Technology Contracts, Outsourcing & Data

→ Employment contracts, policies and procedures

GDPR and Data Protection Insights

Blog

Top five takeaways from the Data (Use and Access) Act 2025

Blog

A game changer for data processors? The ICO issues a significant fine against a processor

Blog

Are personal details in asylum claims kept confidential? Protecting the privacy of asylum seekers and safeguarding confidentiality

Blogs

The UK-US Data Bridge: A Shift in Transatlantic Data Sharing

Data Subject Access Requests: Should organisations expect the burden of responding to ease?

ICO regulatory update: The only constant is change Spring 2023

ICO enforcement action – key considerations for charities in the GDPR era

ICO enforcement – key considerations for businesses and organisations in 2020

An early Christmas present for the tech sector from the CMA?

Data protection for your business after a no-deal Brexit

“WhatsApp” with Dominic Grieve’s motion for Brexit communications?

How to respond to a subject access request: a step by step guide for organisations

Innovation and data protection compliance: when opposites attract

Our current Brexit options and the consequences for UK data protection law

GDPR Compliance for US Companies

Care homes take heed: if you have failed to pay the ICO data protection fee you could be breaking the law

GDPR and Brexit: the draft withdrawal agreement and data transfers from the EU

Data Protection Act 2018 and law enforcement: an introduction

The Data Protection Act 2018: new criminal offences for data breaches

Data breach reporting – the only way is up

Joint data controllers – yet more data protection uncertainty

Some welcomed guidance for data controllers: Court of Appeal confirms the correct test to be applied when considering a SAR concerning mixed data

GDPR: The significance of the new principle of accountability

GDPR: A guide for therapists

The Data Protection Bill - New Criminal Offences for Data Protection Breaches On Their Way to the Statute Book

Subject Access Requests under the GDPR: What employers need to know

Data protection: A new board room priority

Let us take it from here.

Connect With KN LinkedIn .cls-1 { fill: #fff; fill-rule: evenodd; } X .cls-1{fill:#FFFFFF;}

→

Data Protection

→

Dealing with a Data Breach

→

Corporate, Commercial & Finance

→

Employment

→

Public Law

→

Commercial & Technology Contracts, Outsourcing & Data

→

Employment contracts, policies and procedures

Connect With KN LinkedIn X