Data Protection and GDPR

Data Protection and GDPR

In the course of running a business, you are likely to collect the data of the people that you come into contact with. These people are referred to as data subjects and include employees, customers, suppliers and any data you are storing or managing for third party clients.

Personal data refers to the information that data subjects can identify themselves either directly from or when combined with other data.

Why should I know about data protection?

It is important for individuals, businesses and public bodies to understand the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA) in order to comply with data protection law.

The GDPR and the DPA regulate how organisations collect, process and store personal information. Furthermore, the Information Commissioner’s Office (ICO) serves as the regulatory authority responsible for enforcing GDPR compliance. They possess the authority to conduct compliance audits, issue enforcement notices, and impose substantial fines for non-compliance.

What must you do?

If you process personal data, you must comply with the following principles of good practice. These principles ensure that personal data is:

  1. Fairly and lawfully processed
  2. Processed for specified, explicit and legitimate purposes
  3. Adequate, relevant and not excessive
  4. Accurate and up-to-date
  5. Not kept longer than necessary
  6. Processed in a secure way.

Rights of data subjects

In addition to these obligations, the rights of data subjects are enshrined in GDPR and the DPA, whereby they may seek to control information consisting of personal data.

The GDPR recognises the following rights of data subjects:

  1. The right to be informed
  2. The right of access
  3. The right of rectification
  4. The right to erasure, also known as the ‘right to be forgotten’
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. The right not to be subject to automated decision-making and profiling

Whether you are an individual who would like to take action in order to enforce your data rights in the event of a breach of its obligations, or you are a business that would like to address your current data practices, expert advice should be sought to guide you through the various and often complex aspects of data protection law and all potential challenges you may face.

Why choose Taylor Hampton Solicitors for Data Protection?

There is an increasing focusover how personal data is regulated. Data controllers and processors should be aware of evolving laws and should anticipate stricter regulations and penalties for non-compliance.

At Taylor Hampton, we are experienced in all aspects of data protection law, including the collection, use, sharing and storage of personal data. We offer clear and practical commercial guidance on a range of complex data protection issues, helping bothindividuals to enforce their rights, and businesses of all sizes and across all sectors to effectively ensure compliance with data protection laws.

Our services include, but are not limited to:

  • Your obligations and responsibilities under the GDPR and DPA
  • Your compliance with the policies and procedures within the GDPR and DPA,
  • Data protection impact assessments and audits
  • Liaising with regulators to ensuring that any compliance issues can be effectively and promptly addressed
  • Handling individuals’ data access rights and subject access requests
  • Handling data breaches, including regulatory reporting and risk mitigation strategies
  • Registration processes
  • Representation in court or in dealings with the ICO regarding disputes or non-compliance related to data security.

Data protection solicitors are here to help you

Our experienced data protection solicitors give valuable advice and complete data protection. Some of these include – evaluating the kind of breach, risks and remedies related to it. In the case of breach of data protection, necessary legal action will be taken for it and experts will guide to deal with all the challenges faced by you.

If you believe that your personal information has been unlawfully processed, used and accessed or you are facing allegations of non-compliance with the GDPR and DPA, please contact us at +442074275970 or email us at [email protected].


If you are concerned that your privacy has been breached or is about to be breached, contact our experienced team of privacy solicitors on 0207 427 5970 or [email protected]