Data Protection and Cybersecurity

We advise on a broad range of data protection and cybersecurity issues, working with clients in a variety of industries, including the manufacture, sale, distribution and retail of products such as motor vehicles, luxury goods, engineering tooling, furniture and household goods, and the provision of services, including online, such as in the telecommunications, travel, betting, defensive software, health and employment agency businesses.

Our Data Protection and Cybersecurity Team has developed expertise in understanding and addressing the sometimes complex challenges posed by data protection legislation, which may vary considerably across the globe, and in the presence of constantly evolving technology enabling personal data to be transferred across the world in real time. We regularly advise in connection with:

  • Drafting and review of privacy policies and procedures for GDPR compliance, assistance and support to the data protection officer (DPO); in general assistance and advice in relation to data protection issues arising in all corporate and commercial contexts, including contractual and on the internet, social media issues, call centres
  • Cross-border data transfer outside the European Economic Area, data processor agreements and in general personal data sharing
  • Review and advice in relation to cloud service agreements and data protection and security issues involved
  • Advice on compliance concerning online marketing and profiling activities
  • Outsourcing and data licensing
  • Loyalty schemes
  • HR personal data issues (eg. whistleblowing schemes, video surveillance issues)
  • Data security and cybersecurity issues and data breach response strategies
  • Data protection risk analysis and GDPR compliance, assistance in drafting data protection impact assessments, contacts with the Data Protection Authority and handling responses to its requests for information, as well as data subject requests.

The Data Protection and Cyber Team works closely with outside experts from other areas of expertise relevant in data protection matters, such as it and criminal law counsels so as to offer a complete service to the client on all aspects of data protection.

In particular, we have an excellent relationship with a team of highly specialized network security engineers linked to the Polytechnic of Milan, who provide us with full support on the technical aspects of cybersecurity issues.



We use our experience to find ways of meeting clients’ specific needs.

Our priority is to work with clients in seeking practical and commercially viable solutions with a view to making data protection an asset enhancing clients’ business and, at the same time, defending that asset.

Our work forms part of a fully integrated service.

Our data protection expertise forms an integral part of the work of our M&A team in various aspects of their work, contributing to not only to the due diligence aspects but also to the procedural and contractual aspects with data protection have now become a crucial element in M&A deals.

We have assisted primary clients active in the field of law enforcement and offensive/defensive security systems, with reference, inter alia, to investment and M&A deals in the cyber security market, preparation of contractual and software license agreements and documents as well as export controls on encryption and dual use products.