Data Protection and GDPR

Data Protection and Privacy Group

Buckles Solicitors provides a broad range of data protection, privacy and related compliance advice to clients.

The group is made up of specialists from different disciplines, including dispute resolution, employment, technology and corporate and commercial, to form a cohesive team. Our focus is on helping businesses, public bodies, charities and office holders negotiate this area of law from a commercial and pragmatic viewpoint.

Our expertise includes:

  • Assisting businesses in compliance with data protection obligations
  • International data transfers
  • Privacy policies
  • Data sharing and data processing, including related agreements
  • Dealing with security and data breaches
  • Issues relating to litigation, including customer and employee subject access requests linked to a dispute
  • Assisting with data subject access requests
  • Drafting data protection policies and advising on e-privacy and cookie related issues
  • Staff training and privacy handbooks
  • Electronic communication and marketing


The data protection processes and business models of all UK organisations must be fully compliant with the General Data Protection Regulation (GDPR) which came into effect on 25 May 2018, together with the Data Protection Act 2018.

In light of the substantial penalties that can be imposed for breaching the GDPR, businesses and charities are urged to take ongoing responsibility for reviewing and, if necessary, adapting their data protection methods, policies and provisions to cover GDPR requirements. In line with this, businesses should also be aware of further potential changes to data protection law now that the UK has formally left the EU.

For an overview of the impact of GDPR on businesses and details on key practical measures that organisations should take in response, please click here.