GDPR & UK GDPR Compliance

At Handley Gill, our experienced, legally qualified consultants offer pragmatic and robust data protection, privacy and wider legal advice, compliance and assurance services to our clients, which range from micro-entities, to SMEs, multi-national corporations and public bodies in industries spanning marketing, regulated services, recruitment, tech, content providers, political parties and lobbying groups, charities, law enforcement, sport and fitness and healthcare.  Our services include:  · Establishing and implementing data protection compliance frameworks;  · Conducting data mapping exercises;  · Advising on the lawful basis for personal data processing;  · Advising on the need for, and providing, outsourced data protection officer (DPO) services;  · Conducting data protection impact assessments (DPIAs), advising on high risk processing and prior consultation obligations;  · Conducting legitimate interests assessments (LIAs);  · Drafting privacy, data protection and cookie policies and notices;  · Drafting data handling and management policies and standards;  · Drafting, advising on and negotiating data processing agreements;  · Drafting, advising on and negotiating data sharing agreements;  · Advising on compliant marketing practices and campaigns;  · Advising on and conducting vendor and supply chain risk assessments;  · Conducting international data transfer risk assessments (TRAs);  · Drafting, advising on and negotiating international data transfer agreements and other safeguards;  · Advising on and preparing responses to data subject rights requests, including data subject access requests (DSARs);  · Preparing and rehearsing data breach and cyber incident response preparedness plans;  · Advising on data breach notification obligations;  · Designing and delivering standard and bespoke data protection training;  · Advising on the application of the Age Appropriate Design Code (Children’s Code);  · Providing independent data stewardship representation to support consultation obligations;  · Advising on the ethical design and implementation of machine learning and Artificial Intelligence (AI);  · Conducting data protection audits;  · Advising and representing in regulatory and enforcement action brought by the Information Commissioner (ICO) and other regulators;  · Advising and representing in appeals to the First-Tier Tribunal (Information Rights);  · ConA · Providing independent data stewardship representation to support consultation obligations;  · Advising and representing in regulatory and enforcement action brought by the Information Commissioner (ICO) and other regulators;  · Advising and representing in appeals to the First-Tier Tribunal (Information Rights);  · Advising and supporting preparations for the implementation of the Online Safety Bill.