Lewis Mathys Emmerson LLP is internationally recognised for its specialism in advising on cross-border data regulatory matters.

Compliance with the GDPR, e-Privacy regulations and related UK and EU data protection laws is critical to the success of every business.

Our Data Regulation team has over 30 years of combined experience in this area and has advised on all manner of data protection issues, from helping global businesses structure international transfers in a compliant way to dealing with complex large-scale data breaches and serious cyber-attacks.

Our data protection clients represent a broad range of industries, including videogames and digital entertainment, aviation, heavy industry and manufacturing, data science, global recruitment, cloud services, energy and infrastructure, financial services, healthcare and pharmaceuticals. Many are household names and listed companies which process personal data on millions of individuals.

We help these businesses to navigate complex regimes and advise them on how to balance the need to comply with strict obligations with the realities of international commerce.

We advise on a wide range of data regulatory issues, from the initial stages of auditing personal data flows and determining the application of UK and EU data laws to our clients’ global corporate groups through to structuring and implementing long-term compliance programmes and handling data-related business-critical matters.

Our work encompasses fundamental compliance support such as preparing essential policies, training management and staff, and implementing data processing and transfer agreements between group companies and with external vendors, as well as discrete matters such as responding to data breaches, handling data access and erasure requests, and structuring new products and services to ensure compliance with privacy by design and default principles and specific statutory requirements such as the Children’s Code.