Skip to content

Jane Finlayson-Brown

Partner

London

Finlayson-Brown Jane
Jane Finlayson-Brown

Partner

London

Jane specialises in outsourcing, data, technology/IT and commercial transactions. She works on large scale outsourcing, procurement, and technology projects across a range of sectors, acting for both customer and suppliers. She advises on IT projects as well as business process outsourcings.

Jane’s transactional practice includes helping clients with transformational digitalisation projects that often have the use of data at their core but which often also involve the implementation of new technologies or processes. She is a highly experienced contracts draftsperson and negotiator and regularly works with colleagues in our financial services, payments and fintech practices more broadly to execute transactions that involve regulated financial services components as well as data protection issues.

She also regularly advises companies on the use of data in the provision of consumer and business products, including on issues relating to repurposing of data, profiling, AI, ad-tech and direct marketing.  She also advises on a wide range of other data protection issues such as data subject requests, data security breaches, data protection investigations, cross border data transfers (including in the aftermath of Schrems II), transfers of data to overseas regulators, customer relationship management, employee monitoring, data protection policies and procedures and website compliance issues. These projects often involve grey zone areas where there is a heightened privacy risk, where Jane helps companies make strategic decisions.

Jane is recognised as a Leading Individual for Data Protection, Privacy and Cybersecurity (Legal 500, 2021) and was awarded “Best in Privacy and Data Protection” at the 2020 European Women in Business Law Awards. She worked alongside her fellow partner, Ben Regnard-Weinrabe to write a chapter on the intersection of payments and data protection requirements for FinTech: Law and Regulation (Elgar Financial Law and Practice series) Edited by Jelena Madir.

News & insights

Person tapping contactless payment on card machine

Blog Post: 09 AUGUST 2021

Italian data protection supervisory authority fines two food delivery companies for non-compliant algorithmic processing

On 2 August 2021, the Italian supervisory authority (Garante) announced that is has imposed a fine of EUR 2.5 million against a food delivery company Deliveroo Italy s.r.l. (Deliveroo) for violation…

Read more
Mobile phone with security app on screen

Blog Post: 26 JULY 2021

CJEU Advocate General interprets direct marketing by email and targeted advertising under ePrivacy Directive

On 24 June 2021, the Advocate General (AG) of the Court of Justice of the European Union (CJEU) issued his opinion on the preliminary ruling request submitted by Germany's Federal Court of Justice…

Read more
World map with graph information overlaid

Blog Post: 12 JULY 2021

EDPB addresses codes of conduct as transfer tool and finalises the guidelines on the concepts of controller and processor and on virtual voice assistants

On 8 July 2021, the European Data Protection Board (EDPB) announced the outcomes of its plenary session that took place on 7 July. 

Read more
An image of an ink nib touching paper

Blog Post: 05 JULY 2021

Schrems II Update - July

French CNIL issues guidance for organisations on transfer impact assessments, German DSK releases statement on supplementary measures and SCCs, and Hessian DPA comments on data transfer obligations…

Read more

Office

London

Allen & Overy LLP
One Bishops Square
London
E1 6AD

View office →

Qualifications

Professional

Admitted as solicitor, England and Wales, 1994

Academic

CPE, The College Of Law, York, 1991

Law Society Finals, The College Of Law, York, 1992

BA (Hons), Music, Pembroke College, Oxford University, 1997