Data Protection

Data protection legislation aims to protect the way in which personal data is collected and processed.  Failure to comply with data protection legislation can lead to civil and criminal penalties.

Every business trading in the UK has to consider data protection legislation from two perspectives: 

  • How the business treats employee data; and
  • How the business treats external third party data such as personal data relating to customers, suppliers and general contacts.

Policies and Procedures

At JCP Solicitors we provide advice on data protection policies and procedures.  As data protection and issues of cybercrime are often interrelated, we also collaborate with external IT professionals to provide advice where clients have been the subject of a data breach / cybercrime or wish to mitigate their risks of falling victim to cybercrime.


In addition to ensuring your own internal policies and procedures are compliant, data protection also needs to be considered in a contractual context – if you are releasing personal data to a third party or if you are receiving personal data from a third party, then properly drafted contracts need to be put in place to ensure that all parties are complying with the law.  JCP Solicitors provide advice on both data processing agreements and also data protection clauses for inclusion in more general commercial contracts.

Top Tip: “personal data” is data that enables a living person to be identified from the data.  Examples of personal data include: name; address; telephone number; job title; date of birth; expressions of opinion regarding an individual.

  • Betsan Powell
      • 01792 529 644
      • View profile
  • Rhianydd Llewellyn-Thomas
      • 02920 379571
      • View profile