Skip to content
Sub practice
Sub practice

Data Protection

In an increasingly regulated environment, businesses need to manage their data in order to manage their reputational and financial risks.

Across our international network, our data protection practitioners advise leading corporations and financial institutions on all aspects of compliance with data privacy law.

We carry out cross-border data privacy surveys for clients, both to review their existing processes and procedures and to help set up new ventures.  With significant experience of designing, drafting, reviewing and updating internal policies as well as 3rd party contracts, we support clients with data collection and consents; cross-border data transfers; data monetization and ethics; liability and penalties; Privacy by design; automated data processing and profiling; and interactions with the relevant data protection authorities. We also advise clients on the implications of freedom of information legislation, how to mitigate risk and the potential to use the legislation for competitive advantage. ; 

Our team draws on specialists from a variety of complementary disciplines including employment and benefits, financial services, intellectual property, outsourcing, regulatory and regulatory litigation to deliver a comprehensive approach to our clients' data protection needs.

With strong working relationships with regulators across our network, we have developed a nuanced understanding of the attitude of regulators and to assist clients with risk-based analysis.  This means we provide our clients with a quick and efficient response – regardless of time zone.  Our global presence, together with the extensive experience of our integrated international data protection group, sets us apart from many of our competitors.  We have detailed experience in each jurisdiction, which brings valuable insight to managing the differing legal systems, cultures and regulatory regimes.

We are active participants in the privacy community, including the International Association of Privacy Professionals and regular speakers at industry events as well as contributing to industry publications.

News & insights

Abstract graphic

Publications: 30 MARCH 2020

Covid-19 coronavirus: emerging data protection and cybersecurity guidance

The Covid-19 coronavirus is creating a need for organisations to process personal data, for a variety of specific purposes (including managing and protecting their workforce, customers and the public).  Many of these processing activities are not part of “business as usual”, so established policies and protocols may not exist. Organisations face a challenge to ensure that this processing complies with data protection and privacy laws, particularly given the urgency behind some of these processing activities and other pressures, which means there is limited time available for consideration and consultation.

Read more

News: 27 MARCH 2020

Allen & Overy advises One Peak on the investment in DataGuard

Allen & Overy has advised One Peak on its investment in DataGuard, a leading European provider of privacy, compliance and IT security services.

Read more

Publications: 18 MARCH 2020

Covid-19 coronavirus – hot topics from a Luxembourg law perspective

The Covid-19 coronavirus has had a significant impact on businesses across all sectors and we have received various requests for urgent advice from a Luxembourg perspective. We have decided to share a list of the main topics raised by our clients, so that it might help others to prepare. We will update this as the days and weeks go by – this is of course a rapidly evolving situation.

Read more
coronavirus

Publications: 16 MARCH 2020

Coronavirus - what is the current situation in Germany?

In order to contain the Coronavirus the German federal states as well as the German government have put strict measures into place. Schools and kindergartens have been closed as well as borders to most neighbouring states for private travel. In order to mitigate the economic consequences, the German government announced a comprehensive package of measures.

Read more

The EU General Data Protection Regulation microsite

After over four years of discussion, the new EU data protection framework was adopted on 8 April 2016.

It takes the form of a Regulation – the General Data Protection Regulation (GDPR).

Download the practice brochure

Data Protection_GDPR_Content Promo_Sept_19

Why data protection has become a crucial and complex topic for companies.

A&O Digital Hub

Focusing on the latest digital trends and risks and developments in the field of data protection, privacy, information and cyber law.

Recognition