Skip to content
Sub practice
Sub practice

Data Protection

In an increasingly regulated environment, businesses need to manage their data in order to manage their reputational and financial risks.

Across our international network, our data protection practitioners advise leading corporations and financial institutions on all aspects of compliance with data privacy law.

We carry out cross-border data privacy surveys for clients, both to review their existing processes and procedures and to help set up new ventures.  With significant experience of designing, drafting, reviewing and updating internal policies as well as 3rd party contracts, we support clients with data collection and consents; cross-border data transfers; data monetization and ethics; liability and penalties; Privacy by design; automated data processing and profiling; and interactions with the relevant data protection authorities. We also advise clients on the implications of freedom of information legislation, how to mitigate risk and the potential to use the legislation for competitive advantage. ; 

Our team draws on specialists from a variety of complementary disciplines including employment and benefits, financial services, intellectual property, outsourcing, regulatory and regulatory litigation to deliver a comprehensive approach to our clients' data protection needs.

With strong working relationships with regulators across our network, we have developed a nuanced understanding of the attitude of regulators and to assist clients with risk-based analysis.  This means we provide our clients with a quick and efficient response – regardless of time zone.  Our global presence, together with the extensive experience of our integrated international data protection group, sets us apart from many of our competitors.  We have detailed experience in each jurisdiction, which brings valuable insight to managing the differing legal systems, cultures and regulatory regimes.

We are active participants in the privacy community, including the International Association of Privacy Professionals and regular speakers at industry events as well as contributing to industry publications.

News & insights

Bird's eye few of five people sitting around a table in a work setting

News: 10 SEPTEMBER 2020

Jane Finlayson-Brown and Katinka Middelkoop recognised for excellence in their fields at 2020 European Women in Business Law Awards

Allen & Overy Corporate partners Jane Finlayson-Brown and Katinka Middelkoop have been awarded prizes for ‘Best in Privacy and Data Protection’ and ‘Best in M&A’ respectively at the 2020 European…

Read more

Publications: 30 JUNE 2020

Webinar: Cybersecurity – How to respond to an incident

Allen & Overy partners with leading security experts, Kroll, to discuss how to respond to a cybersecurity incident. In light of the heightened threat level due to remote working and disruption caused…

Read more
Abstract graphic

Publications: 19 JUNE 2020

Covid–19 coronavirus: emerging data protection and cybersecurity guidance (Updated 18 June 2020)

The Covid-19 coronavirus is creating a need for organisations to process personal data, for a variety of specific purposes (including managing and protecting their workforce, customers and the…

Read more
Computer hardware

Publications: 29 MAY 2020

Active user consent is required, while previously practiced opt-out mechanisms are unlawful

On 28 May 2020, the German Federal Court of Justice (Bundesgerichtshof; BGH) issued its decision in the Planet49 case that had previously been referred to and decided on by the Court of Justice of the…

Read more

The EU General Data Protection Regulation microsite

After over four years of discussion, the new EU data protection framework was adopted on 8 April 2016.

It takes the form of a Regulation – the General Data Protection Regulation (GDPR).

Download the practice brochure

Data Protection_GDPR_Content Promo_Sept_19

Why data protection has become a crucial and complex topic for companies.

A&O Digital Hub

Focusing on the latest digital trends and risks and developments in the field of data protection, privacy, information and cyber law.

Recognition