Data Protection

Doing business in the digital age demands organizations to prioritize data protection at all costs

The EU’s GDPR has set the global gold standard for data protection and has inspired various states in the US, such as New York and California, to update their data protection laws. But did you know that the GDPR also applies to may US-based businesses that collect data from EU citizens or residents, even if you don’t have an office in the EU? With this constantly evolving field, data protection is not an issue that can be put on the backburner for another day. From marketing issues to policies, privacy notices and personal data of employees, leaders must ensure they have in-house knowledge to ensure compliance across all departments. In practice, this can often prove a challenge

Every day, our data protection lawyers strive to deliver experienced, cost-effective legal services that your business can depend on. We do this by steering you through the compliance maze, mapping out the risks and putting in place the frameworks necessary to protect you from costly claims, government sanctions and reputational damage.


Under some state laws in the US, as well as the EU GDPR, individuals have the right to access their personal data by making a subject access request verbally or in writing. Our data protection lawyers provide practical advice to businesses on access rights and help them establish robust processes for compliance.

We understand the challenges that can arise in implementing the systems and processes required to ensure full compliance with data protection laws. Our dedicated team works in tandem with a diverse portfolio of clients to provide clarity on their obligations with regards to handling personal data. We can also assist organizations to respond and react appropriately and effectively in the event of a data breach.

Just like customer data, companies have a duty to act responsibly with the personally identifiable information of employees. We regularly assist our clients on the appropriate measures to be taken in avoiding unlawful data processing, accidental loss or damage to personal data.

If your business touches the UK or the EU, or their citizens, in even the smallest way, the GDPR may apply. Failure to comply with the GDPR can result in hefty fines, even if you didn’t know the GDPR applied to your non-EU/UK based business. Since the new regulations came into force in 2018, our lawyers – in both the US and in Europe – have been committed in providing sophisticated guidance and pragmatic support to help businesses ensure full compliance. From assisting data protection officers to advising on marketing communications and best practice in lawful data processing, we will help you stay compliant.

Our global network of privacy lawyers regularly assists clients to implement frameworks for compliance with data protection laws and put in place appropriate security and risk management practices as regulatory pressures increase.

If your business plans require international transfers of data as part of day-to-day activities, you want to minimize your risk by making sure appropriate protections are in place and that various laws are complied with. Our experience privacy team can provide legal guidance and help in adequacy assessments to ensure the smooth, secure and compliant flow of data to and from your organization.

Privacy policies are critical in outlining exactly how you intend to use the data of businesses and individuals who interact with your organization. If you are seen to be using data for reasons not explicitly stated in your policy, you leave your business open to risk. Our heavyweight privacy and information security lawyers provide guidance in drafting privacy policies that enable you to harness data honestly and transparently.

It only takes one oversight for an organization’s systems to breached. We guide businesses through the complex rules surrounding retained data and requests for disclosure, providing hands-on advice on the creation of policies and procedures relating to such retained data.

For further information or to discuss a matter please telephone +1 202 263 3651 or click here to email us.

Copyright© 2020 360 Business Law America. All rights reserved.