Our data protection expertise
Our global team has cutting-edge expertise in offshore data protection and information security regulation and implementation across our legal jurisdictions of Bermuda, British Virgin Islands, Cayman Islands, Guernsey, Hong Kong, Isle of Man, Jersey, Mauritius and Seychelles. Our GDPR lawyers also have practical experience advising clients on pan-jurisdiction data protection matters on a global basis, including the interaction between local legislation and GDPR itself.
As a highly regarded data protection law firm in the offshore space, we work frequently with local government, regulators and industry bodies to develop responses to the challenges of globalisation and regulation, with a focus on producing effective solutions for clients. Our team sit on various legislative and industry working parties, such that where decisions on strategy and new legislation are being made, we are involved.
Our team of data protection lawyers also routinely offer thoughts and guidance via blogs and briefing notes on the important issues affecting clients and provide bespoke training and support to match their needs. Our own Data Protection Guide provides a detailed overview of the privacy and cyber security regimes in eight of the world’s largest offshore jurisdictions with quick-linked answers to some of the most business critical issues.
A number of our team sit on our global Technology and Innovation Group and, as expert data protection lawyers, have also been invited to contribute jurisdictional chapters to global guides on data protection law.
We offer advice to clients on all aspects of offshore data protection and information management compliance, including:
- Privacy policies and notices
- Privacy impact assessments (including technology issues)
- Data collection and capture
- Marketing and direct marketing
- Cross-border data transfers
- Data quality management
- Data retention policies and data protection officers
- Shared service agreements
- Fund and managed company administration agreements
- Cloud service provider agreements and data processing agreements
- Supply chain management and outsourcing
- Issues affecting data centres
- Data in the insurance and reinsurance industry
- All aspects of human resources data management
- Data subject access requests
- Big data and data analytics (including use of profiling and anonymisation/aggregation principles)
- Digital identity, authentication and biometrics
- Responding to data requests from foreign authorities, law enforcement agencies and regulators
- Complaints and enforcement issues
- Data breach response procedures
- Tailored training
- Cybersecurity
