Data protection issues need to be addressed at the start of the due diligence exercises.
Since the introduction of the General Data Protection Regulation (GDPR), data protection has become a key consideration in the context of corporate transactions, given the level of fines which can be sanctioned on those who violate the rules, not to mention the reputational damage this can cause. It is therefore crucial that a purchaser carries out appropriate due diligence on a target prior to entering into a transaction.
We regularly work alongside our corporate colleagues providing advice in relation to:
- carrying out data protection compliance due diligence
- advising on data compliance issues arising in the context of a transaction and the steps which need to be taken to resolve these either immediately or upon completion of the transaction
- warranties and indemnities to be included in share and asset purchase agreements, and
- in the context of asset purchases, the transfer of data from the target to the purchaser following completion of the transaction.
Our clients include innovative fintech and adtech companies, financial and professional services firms including UK and US law firms, and multinational businesses in UK, as well as international organisations. Crucially, we have experience advising both data controllers and data processors on their obligations arising from corporate transactions.