Data Protection Overview

Briffa has been helping organisations and individuals successfully navigate the choppy waters of personal and sensitive data for over 25 years. Our specialist solicitors can advise on all aspects of data protection, including GDPR requirements, website privacy policies, internal data protection policies and third-party data protection agreements.

Given our extensive background in intellectual property law, our lawyers have a lot of experience in data protection and GDPR. We can ensure your data remains secure whilst retaining its value. Typically, we’ll provide businesses small and large with specialist legal advice covering the following:

  • All aspects of GDPR
  • Website privacy policies
  • Internal data protection policies
  • Third-party data protection agreements
  • Subject Access Requests
  • Registration with the Information Commissioner
  • Lawful data collection, storage, and retention
  • CCTV and privacy legal issues
  • Direct marketing, legal requirements, and restrictions
  • Selling online and customer security
  • Freedom of Information
  • Digital marketing, cold calling, cookies, and email sign-ups


“Excellent service. Fast, friendly, diligent, and pragmatic. Briffa very helpfully explained legal wording in layman’s terms which helped decisions on clauses to include, delete, keep, or challenge.”

– Simon Fenn, Client

How can we help?

Protect Valuable Data

Your commercial data is likely highly valuable, so taking the right steps to mitigate the risk of deliberate or inadvertent leakage of sensitive information is critical.

Our solicitors will provide you with all the benefits of our data protection expertise and experiences, plus whatever advice or support you require to protect your intellectual property assets properly.

GDPR Compliance

The EU’s latest data privacy law, the General Data Protection Regulation (GDPR), was implemented across the EU in May 2018. The law applies to any business processing data of EU citizens, regardless of where that business is located – meaning it’s still applicable to many UK businesses despite leaving the UK (regardless, the UK has retained the GDPR in domestic law).

We are thoroughly versed in all areas of GDPR, and we can help protect you from non-compliance penalties, which can run to €20 million or 4% of your annual worldwide turnover, whichever is higher. We will ensure your website privacy policies, internal data protection policies, and data processing procedures are all compliant and secure.


We’re recognised for the quality of our services by the Legal500, having provided specialist intellectual property services for over 25 years.

We offer a free consultation to discuss your data protection needs before providing a fixed-fee quote for our services.

We have offices in London, UK and Cork, the Republic of Ireland, plus a global network of associates.

We offer an industry-leading service with short turnaround times and business-focused advice.

Frequently Asked Questions

Does my business need to worry about data protection?

In the UK, all businesses that collect personal information about their customers and employees must be compliant with data protection regulations. Given that almost all businesses now collect some form of personal data, very few are exempt. It’s key any personal data is collected and stored securely, and it must be transparent how your businesses will use an individual’s personal data.

What is the GDPR?

The General Data Protection Regulation (GDPR) is an EU law concerning the privacy of personal data. The law has several core components which cover accountability, accuracy, security, storage, transparency, what is collected, and why. GDPR applies to any company processing data of EU citizens.

Non-compliance with GDPR can prove costly, as fines can reach £20 million or 4% of global annual turnover (whichever is higher). It’s therefore imperative that businesses processing personal seek astute legal advice to ensure compliance.

Does GDPR apply in the UK?

Despite leaving the EU, the UK retains the GDPR in domestic law. This is called UK GDPR and it sits alongside the Data Protection Act 2018 at the forefront of the UK’s data privacy laws.

One difference is that whilst the original GDPR concerned the processing of EU citizen data, the UK GDPR concerns the processing of UK citizen data. There are also implications concerning the processing and transferring of data across borders that business should ensure they are familiar with.

Key Contacts for Data Protection

Briffa’s specialist solicitors have been practising intellectual property law in the UK and Europe for over twenty-five years. Meet our team and see the faces behind our success stories. Find the key contacts for this area below, or follow the link to meet the rest of the team.

Book a free consultation with our data protection team.

We’ll start with a no obligation chat where we’ll get to know you and understand your current challenges.

Book your free consultation now

Related Blog Posts

Similar services

Looking for more information?

Explore our services Key industry sectors Briffa content hub