The General Data Protection Regulation (GDPR) introduced a range of new requirements for companies wishing to engage data processors or share data with another business on a joint controller or controller to controller basis.

Controllers and processors are required to have in place a contract containing certain mandatory provisions, whereas data being shared between joint controllers requires the implementation of a joint controller arrangement. Separately, there are a wide range of factors which must be considered to ensure that data to be shared with other independent controllers is done so lawfully.

We are experienced in advising on data processing agreements and provisions, joint controller arrangements and data sharing agreements, including where these involve data being transferred internationally. Sometimes it will not be easy to identify whether the recipient of the data will be acting as a data controller or a data processor, and we can assist with making this determination.

Our clients include innovative fintech and adtech companies, financial and professional services firms including UK and US law firms, and multinational businesses in UK, as well as international organisations.

"The team at Fox Williams provides sound and practical advice. They are highly responsive and very dependable. Their skill set, strategies and communication style are a great fit for our fast-growing organisation."

Chambers UK 2024

"The breadth of knowledge, delivered in a commercially sound manner, is very refreshing and the team has been my go-to on complex regulatory matters for many years. Highly regarded and recommended."

Legal 500 2024



Portfolio Close
Portfolio list
Title CV Email

Remove All