Data Protection Overview

Briffa has been helping organisations and individuals successfully navigate the choppy waters of personal and sensitive data for over 25 years. Our specialist solicitors can advise on all aspects of data protection, including GDPR requirements, website privacy policies, internal data protection policies and third-party data protection agreements.

Given our extensive background in intellectual property, our data protection lawyers have a huge amount of experience in this area. Our comprehensive services include a legal strategy, documents, and training to protect your highly valuable commercial data, and we are on hand to provide tailored advice at all times.

Typically, we’ll provide businesses, small and large, with specialist legal advice covering the following:

  • All aspects of GDPR and data protection
  • Website privacy and cookie policies
  • Internal data collection, storage and retention policies
  • Third-party data protection and privacy agreements
  • Subject Access Requests
  • Registration with the Information Commissioner’s Office
  • CCTV and privacy legal issues
  • Selling online and security of customer’s personal data
  • Freedom of Information
  • Direct marketing, including cold calling and emailing


“Excellent service. Fast, friendly, diligent, and pragmatic. Briffa very helpfully explained legal wording in layman’s terms which helped decisions on clauses to include, delete, keep, or challenge.”

– Simon Fenn, Client


Protect Valuable Data

Our data protection solicitors provide expert legal advice on all aspects of data protection law, plus whatever support you require to protect your intellectual property assets properly.

Your commercial data is likely to be highly valuable, and taking the right steps to mitigate the risk of deliberate or inadvertent data breaches, such as the leakage of sensitive information, is important.

GDPR Compliance

The EU’s latest data privacy law, the General Data Protection Regulation (GDPR), was implemented across the EU in May 2018. The law applies to any business processing data of EU citizens, regardless of where that business is located – meaning it’s still applicable to many UK businesses despite leaving the UK (regardless, the UK has retained the GDPR in domestic law).

We are thoroughly versed in all areas of GDPR. We can ensure you remain protected from non-compliance penalties, which can run to €20 million or 4% of your annual worldwide turnover, whichever is higher. We will ensure your website privacy policies, internal data protection policies, and data collection, storage & retention procedures are all compliant.

Why Choose Briffa?

We’re recognised for the quality of our services by the Legal500, having provided specialist data protection services for over 25 years.

We offer a free consultation to discuss your data protection needs before providing a fixed-fee quote for our services.

We have offices in London, UK and Cork, the Republic of Ireland, plus a global network of associates.

We offer an industry-leading service with short turnaround times and business-focused advice.

Frequently Asked Questions

Does my business need to worry about data protection?

In the UK, all businesses collecting personal information about their customers and employees must comply with data protection regulations. Given almost all businesses now collect some form of personal data, very few are exempt. It’s key that any personal data is collected and stored securely, and how your businesses uses an individual’s personal data must be transparent.

What is the GDPR?

The General Data Protection Regulation (GDPR) is an EU law concerning personal data privacy. The law has several core components which cover accountability, accuracy, security, storage, transparency, what is collected, and why. GDPR applies to any company processing data of EU citizens.

Non-compliance with GDPR can prove costly, as fines can reach £20 million or 4% of global annual turnover (whichever is higher). It’s therefore imperative that businesses processing personal seek astute legal advice to ensure compliance.

Does GDPR apply in the UK?

Despite leaving the EU, the UK retains the GDPR in domestic law. This is called UK GDPR and sits alongside the Data Protection Act 2018 at the forefront of the UK’s data privacy laws.

One difference is that whilst the original GDPR concerns the processing of EU citizen data, the UK GDPR concerns the processing of UK citizen data. There are also implications concerning processing and data transfers across borders that businesses should ensure they are familiar with.

Key Contacts for Data Protection

Briffa’s specialist solicitors have been practising intellectual property law in the UK and Europe for over twenty-five years. Meet the key personnel for this area below, or follow the link to meet the rest of the team.

Book a free consultation with one of our specialist data protection solicitors, London.

We’ll start with a free, no-obligation chat where we’ll get to know you and understand your data protection issues.

Book your free consultation now

Related Blog Posts

Similar Services

Looking for more information?

Explore our services Key industry sectors Briffa content hub