Skip to content
Freeths - Law firm


Complying with the new regime

What is involved?

The General Data Protection Regulation (GDPR) came into effect on 25th May 2018 – bringing about the most fundamental change in data protection law in a generation. Its purpose is to protect the rights of individuals and the security of their data. This new regime impacts every business, public authority and non-commercial organisation in the UK. Not complying with the GDPR will have heavy consequences.

The GDPR introduces far heavier fines (up to €20 million) for organisations which do not follow the new requirements for valid consent.

Key changes include:

  • Far heavier fines – up to €20million or 4% of worldwide turnover (whichever is higher)
  • New and stricter requirements for valid consent
  • More extensive compliance requirements for all agreements involving personal data
  • Compulsory reporting of data breaches and strict time limits for doing so
  • In some cases, a duty to appoint a data protection officer
  • New data subject rights, and changes to the rules dealing with subject access requests
  • Data processors being directly liable for breaches of the law
    Strict requirements for privacy policies and notices
  • A requirement to carry out privacy impact assessments in some situations.

GDPR won’t stop your business in its tracks, but you should be doing things differently to avoid breaking the law.

Why choose Freeths?

  • We can guide you through a long, complex process with site visits, tailored training and helplines
  • Our specialist data protection lawyers are frequent speakers at trade events and GDPR conferences
  • We can support your GDPR compliance processes with model contracts, documents and clear policies
  • Charity-specific – we have particular expertise with assisting non-profit organisations with GDPR

We know the GDPR can seem overwhelming. Our specialist lawyers have helped numerous clients put in place the effective policies, contracts and procedures required to avoid fines and reputational damage.

We can advise on new data subject rights and changes to the rules dealing with subject access requests. Our lawyers can explain how the introduction of data processor liability affects your supply chain and how to manage this. If you haven’t already, you probably need new (or revised) contracts, privacy policies/notices, and we can help with those too. In addition, we run training seminars and workshops for clients and provide them with guidance and templates documents.

Whether you have questions about international data transfers, direct marketing or profiling – we offer a full spectrum of services to get your organisation fully compliant with the GDPR.

Charities and the non-profit sector will also benefit from our specialist knowledge; we understand the issues of moving to opt-in communications and the challenges that entails.

Get in touch with our experts now to see how we can help you get your organisation with GDPR issues.

Meet the team

GDPR Lawyers

Nicola Cooper

Nicola Cooper
Managing Associate

0845 404 4143

Deryck Houghton

Deryck Houghton

0845 070 3810

Matthew Johnson

Matthew Johnson
Senior Associate

0845 050 3617

Mark Neale

Mark Neale

0845 077 9626

Will Richmond-Coggan

Will Richmond-Coggan

01865 781 004

Clare Taylor

Clare Taylor
Managing Associate

0845 166 6347

Related news

"Freeths have provided us with excellent support on our EU GDPR project. They responded to our need for specialist GDPR advice as we prepare to meet the requirements of the new legislation. Their dedication and support has been much appreciated."

(Valentine Steadman, Corporate and Legal Services Manager - The Royal Society for the Protection of Birds)

"Freeths' IT team is active on website, software, data protection, cloud computing and outsourcing matters. Deryck Houghton is experienced across the board."

(The Legal 500)

"I have had the pleasure of working with Deryck Houghton on a wide range of contentious and non contentious legal matters. I have always found that Deryck provides friendly, helpful and pragmatic legal advice in a timely fashion and at a cost that we consider to be good value for money. We have used the services of Deryck for many assignments in the past and will continue to do so into the future."

(Martin McCloskey, Group Commercial Director, Capita Group plc)

"Oliver's assistance on data protection, e-privacy and information security law has been most welcome. He has in-depth knowledge of the General Data Protection Regulation, which has been invaluable, and has provided very detailed advice."

(Data Protection Officer for a National Charity)

Notable Work
  • Managing the legal aspects of GDPR compliance for the RSPB, the UK’s largest conservation charity. Drafting privacy policies, opt-in statements and preparing GDPR compliant contracts, procedures and preparing training materials.
  • Working closely with a worldwide religious charity on GDPR compliance, dealing with internal data sharing and international transfers.
  • The ubiquitous nature of personal data means data protection law needs to be addressed in almost every contract. We have helped clients by preparing GDPR compliant standard terms (for customers and suppliers), data sharing agreements, and assisting in the negotiation of complex data protection clauses.
  • Advising on the compliant transfer of personal data from a UK distributor to a manufacturer in the US.
  • Advising a public sector client regarding data sharing arrangements between it and a private business.
  • Advising on an agreement for the implementation of a cloud-based software suite for a property management company.

Client service

‘Doing the right thing’ is at the heart of Freeths. Find out more about our excellent client service and the strong set of values that guide the way we work.

Our service


Talk to us

Freeths are a leading national law firm with 13 offices across the UK. If you have a query about our services or just want to find out more, why not give us a call?

Contact: 03301 001 014

Choose an office:

Portfolio close
People CV Email

Remove All

Click here to email this list of people to a colleague.