Kosnahan Law offers a steady pair of hands in assisting and advising on Data Protection & Privacy related legislation, including the many rights and obligations which arise for individuals and businesses, whether under General Data Protection Regulation (“GDPR”), Privacy Electronic Communication Regulation or associated rules.
As a qualified Data Practitioner (DP.TP), Kosnahan Law’s Managing Director has practical business experience in such matters through existing and previous appointments as Data Protection Officer for multiple businesses, including historically over many years for Tier 1 UK and Isle of Man regulated online gambling businesses, international customer call centres, property holding companies, fintech businesses and more.
Previous experience in these roles for regulated and private business, ensures timely and pragmatic advice to our clients on many of the daily Data Protection & Privacy matters which arise.
If you have a new product or service, Data Protection & Privacy considerations can be a minefield and need to be considered right from the start. Do you require a Data Protection Registration? What data are you processing? Is it personal data or sensitive personal data? How and where will it be processed and by who? Do you have consent to such processing? Is it stored in the cloud? Is it encrypted at rest? What happens if you receive a subject access request? Do you have appropriate processes, policies and procedures in place? These are some of the many questions businesses of all sizes will need to consider. At Kosnahan Law, we can help.
For existing business, processing of personal data needs effective scrutiny and ongoing monitoring. Our legal and consultancy services specific to Data Protection & Privacy include:
- Advice to Controllers and Processors
- Guidance on Data Protection Strategy
- Reviews, advice and guidance on Data Processing Policies and Procedures
- Drafting data protection policies
- Reviews, advice and guidance on cookie implementation and policies
- Drafting cookie policies
- Drafting relevant website privacy policies and terms and conditions
- Preparing Standard Contractual clauses for International Transfers
- Undertaking detailed Data Mapping exercises and preparing associated reports
- Undertaking Privacy Impact Assessments (PIAs) for new products and services
- Undertaking compliance reviews in advance of regulatory visits
- Advising on subject access request procedures and handling requests, responses, complaints and enforcement
- Advising on obligations and requirements surrounding direct marketing and compliance with privacy and electronic communication and advertising rules
- Advice on Data breaches
- Assisting and Advising on enquiries or investigations from the Information Commissioner’s Office
- Review of contract terms for third party products and services
- Handling investigation, breaches and complaints
- Handling Data protection disputes and subject access requests
- Consideration of ownership and licensing of data bases and associated rights
- General advice on General Data Protection Regulation
For a personal service and to see how we can assist, contact us.