Data Protection & Privacy

Described by many as the “new oil” for the digital economy, there is no doubt that personal data are now seen as critical for organisations to succeed. However, like oil, personal data can be toxic when spilled, presenting a new world of risks.

The frenetic conversion of the global economy to an increasingly digital, internet-driven model has stimulated a rapid change in privacy, data protection and cyber-security laws and regulations, most notably the EU General Data Protection Regulation (GDPR).

It is important now more than ever that businesses are fully informed and fully compliant.

What sets us apart from competition is that we understand that, whilst a purely compliance-driven approach to GDPR could deliver full protection of individual rights, it is not intended to prevent legitimate commercial activity or to hamper business innovation.  To avoid this, we help business to (a) modernize architecture, (b) adopt privacy principles and (c) take an identity and privacy engineering approach.

We frequently advise clients on data privacy, especially in relation to the GDPR.


Key services include:

  • GDPR compliance programmes
  • Privacy impact assessments
  • Privacy policies, notices and guidelines
  • Data retention policies
  • Binding corporate rules
  • In-house training programmes, workshops and seminars
  • International data transfers
  • Outsourcing management
  • Data transfer agreements
  • Social media and user-generated content involving personal data
  • Cyber risk management and advisory
  • Data breach response, including representing clients before the Greek Data Protection Authority, other supervisory authorities and courts
  • Regulatory updates and review. Including in relation to the NIS Directive, ePrivacy Directive, GDPR and the relevant national implementing laws.

“The highest-quality advice and support”

The Legal 500, 2016