Organisations are using data in more ways than ever before, and privacy issues have never been more important for business. Our experience and understanding of the way in which regulators and courts apply data protection law allow us to create solutions that successfully balance risks and budget. We prioritise clear communication and pragmatic solutions to ensure your business has a clear picture of its data privacy obligations and how to meet them.

Whether your organisation is a startup, longstanding family business or multinational corporation, our Information Law Team is adept at advising on all manner of information law matters, from subject access requests and data breaches, to contract reviews and implementing privacy programmes. 

Some of our core services for businesses include:

Whether you are working with suppliers such as cloud providers or delivery partners, we understand that data sharing is becoming increasingly important for modern businesses.

Whether you need support with understanding the relationship between the parties sharing data, reviewing contracts, or drafting bespoke agreements, we offer practical and commercial support to help you and your business achieve your objectives. We regularly advise on:

  • Data mapping;

  • Data protection due diligence;

  • Data processing agreements;

  • Data sharing agreements;

  • Data transfers in the context of mergers, acquisitions, and joint ventures.

Data is increasingly global, and when your business operates online or you work with international suppliers, you may need to share personal data outside the UK. Our Information Law Team has extensive experience advising on international data transfers, including preparation of agreements, transfer risk assessments, the UK-US transatlantic data framework, and data security when transferring personal data.

We understand that the requirements for policies and procedures can be difficult for businesses to navigate. We work closely with businesses across a range of sectors to prepare cost-effective, straightforward policy documentation to ensure your compliance needs are met. 

Our privacy notices for businesses help your customers understand how you are using their personal data in a clear way. For the more cost-conscious businesses, we also have a range of template documentation available, including website privacy notices and cookie policies.

Our Information Law Team is adept at advising businesses on implementing compliant electronic and telephone marketing programmes and can advise on all relevant obligations under the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations. We also have extensive experience advising on cookie compliance and can assist with reviews and drafting user-friendly website policy documentation and consent banners.

With data-led approaches central to the positive educational outcomes achieved in the EdTech sector, the nature of the data and the regulatory focus on this area means that  businesses in this sector are navigating complex risks on a frequent basis. With long-standing experience advising EdTech clients, our Information Law Team is experienced in identifying and managing areas of risk, helping organisations implement sector-specific strategies.

We advise EdTech companies on all aspects of data privacy, including:

  • Privacy by design;
  • Data flows and data sharing;
  • Sub-processer contracts and compliance;
  • International data transfers;
  • Breach management;
  • Data subject rights and complaints;
  • Marketing activities.

We collaborate with our colleagues in the Education and Business Law Teams in order to innovate and develop efficient, compliant approaches to information management and meet our clients’ needs. For more information about how Stone King can support EdTech providers, please click here.

The law and practice referred to in this article or webinar has been paraphrased or summarised. It might not be up-to-date with changes in the law and we do not guarantee the accuracy of any information provided at the time of reading. It should not be construed or relied upon as legal advice in relation to a specific set of circumstances.