Almost every business today handles commercially sensitive information, personal data or big datasets. Businesses are also increasingly adopting AI technologies, which introduce their own risks and governance opportunities.

At a time when regulators around the world are keeping a close eye on data protection standards and planning further regulation concerning the use and transfer of sensitive data, data governance and AI, it's essential you stay ahead of major changes to protect your business. Appropriate data handling and a robust cyber security strategy are also crucial to avoiding risk and reputational damage as cyber attacks continue to increase around the world.

Our specialist Data Protection and Cyber team is one of the biggest in Europe and has over 20 years of experience helping businesses solve their data and cyber challenges. We act for a range of clients at the heart of the data economy, helping them navigate the legal challenges that come with technology, data, and its transfer across borders.

This includes advising on the digital regulatory environment developing across Europe in the shape of the Data Governance Act, Data Act and AI Act, as well as data space regulation like the European Health Data Space, Finance Data Space, NIS 2, Cyber Resilience Act, DORA and the rules in the UK.

We can help you handle:

the implementation and maintenance of GDPR
the development of new digital business models and products to meet privacy by design requirements
the set-up and support for data protection and AI governance schemes
the review of new products and services for privacy and AI compliance (data protection impact assessments/fundamental rights impact assessments)
group company data protection issues
employment data protection (including negotiations with work councils)
online and adtech compliance
children's privacy issues
consumer data protection compliance
international data protection projects (global legal roll-out of services and products)
data security breaches, including cyber attacks and breach response advice
breach ready training so you're prepared in the event of a security incident
proceedings and investigations with Data Protection Authorities (DPAs)
the drafting and negotiation of complex privacy agreements
cross-border data transfers (including Binding Corporate Rules)
data subjects rights.

We'll provide you with real world risk management and insight gained through our longstanding relationships with national regulators across Europe and worldwide, so you can operate your business in confidence.

Global Data Hub

Visit our Global Data Hub for further insight, guidance and news on data protection issues.

Visit Global Data Hub

Digital and data regulation guide

Explore new and upcoming EU and UK legislative changes to AI, content and marketplace governance, data management, cyber security and digital resilience.

Access the guide

Artificial intelligence experts

With a long history of advising tech leaders and disruptors, we understand the real-world complexities of AI and can help you turn opportunity into reality. Whether you're leading AI innovation, looking to invest in the future, or need help managing AI risk, we can help.

Find out more

Areas of focus

Experience

Company obtains first cyber injunction under the protection of anonymity

We acted for a UK listed company on the theft of data and subsequent ransom of the company. We obtained an injunction against the hackers (PML v Persons Unknown) for the client, which was the first-time judgment had been obtained for a listed company against hackers in which anonymity was granted to the company in relation to the interim injunction and then on a permanent basis. The team co-ordinated the entire incident response, including instructing forensic IT and working heavily with UK cybercrime police.

Press release

Dr. Wim Maas

Michael Yates

Margot van Gerwen

Negotiation of numerous key IT contracts for a major international car rental company

An international car rental group in the negotiation of numerous key IT contracts as part of a major project relating to connected services.

Major data breach involving sensitive employee data

A Nordics based multinational in the business services sector in the handling of a major data breach involving sensitive data of their Dutch employees.

Creation of a global data protection compliance programme

Just Eat on on its global data protection law compliance project, including multiple challenging jurisdictions such as French data protection law.

Sally Annereau

Lucy Lyons

Graham Hann

Use of sensitive genetic data in a clinical study

A US based company, involved in the development of new therapies for patients with severe neurological diseases affecting movement, in a clinical study involving sensitive genetic data.

Establishment of a Netherlands entity and GDPR compliance

A global e-commerce platform on the establishment of a Netherlands entity, localisation of applicable terms and legal document suite and their overall GDPR compliance.

Resources

EU Data Act: Implications for the Engineering and Plant Construction Industry

On 11 January 2024, the Data Act, new EU legislation to harmonise the regulation of the data economy, entered into force. It contains rules on access to and fair use of data to make it more accessible to all involved in its generation and promote data-driven innovation. Most of the Data Act becomes applicable from 12 September 2025. The Act has far-reaching consequences for the engineering and plant construction industry.

Download

Environmental, social & governance

Environmental, Social, and Governance (ESG) issues are not just checkboxes to be ticked; they represent critical demands and opportunities that will shape the future of businesses and communities. At Taylor Wessing, we are committed to helping you go beyond mere compliance, focusing on building more resilient and sustainable economies for a brighter future.

Start your ESG journey

We have developed an innovative suite of online products and resources to help you to understand and meet your international data privacy obligations. The tools range from a dedicated microsite providing thought leadership and practical compliance advice, to interactive apps and guides covering issues including cybersecurity, data exports and HR data.

Global Data Hub

Our data protection microsite, is a one-stop shop for up-to-date, international information on data privacy law, offering practical insights, thought leadership and guidance on data protection law. All content on the Hub is available for free and receives over 30,000 visitors a month. We have added a wealth of GDPR-specific articles and a number of GDPR checklists supported by a bank of virtual learning webinars to help clients with their preparations for implementation.

Global Data Hub

More

TW: Cyber Response

Our data breach mobile app helps organisations prepare for and respond to data breaches. Organisations will face potential multi-million pound fines for data breaches after 25 May 2018. TW:Cyber Response provides practical assistance to help clients prepare for and manage breaches as effectively as possible, to minimise their exposure to regulatory action, litigation risk, and reputational damage. The app is available to download from the App Store and Google Play Store.

Find out more about TW:Cyber Response

Interface

Analysis and exploration of legal and commercial issues in tech, IP, media and related sectors.

Find out more

More

Related events

There are no upcoming events

See all events

Data & cyber

Experience

Company obtains first cyber injunction under the protection of anonymity

Negotiation of numerous key IT contracts for a major international car rental company

Major data breach involving sensitive employee data

Creation of a global data protection compliance programme

Use of sensitive genetic data in a clinical study

Establishment of a Netherlands entity and GDPR compliance

Resources

EU Data Act: Implications for the Engineering and Plant Construction Industry

Environmental, social & governance

Our team