The General Data Protection Regulation (GDPR) generally prohibits the transfer of personal data outside of the UK/EEA unless an appropriate transfer mechanism is in place.

Failure to comply with the rules can result in heavy sanctions being applied. It is therefore essential that businesses with an international footprint, those relying on processors outside the UK/EEA or those otherwise involved in transferring data to recipients outside the UK/EEA are aware of the mechanisms they rely upon when transferring data internationally.

The rules can be complex, and determining which mechanism should be relied upon often involves an analysis of specific facts and circumstances. We regularly advise clients on:

  • the implementation of intra-group data transfer agreements
  • the appropriate steps which need to be taken to lawfully transfer data outside the UK / EEA
  • the derogations set out in Article 49 of the GDPR, and
  • requests from non-UK/EEA regulators for the transfer of data falling within scope of the GDPR.

Our clients include innovative fintech and adtech companies, financial and professional services firms including UK and US law firms, and multinational businesses in UK, as well as international organisations.

"The team at Fox Williams provides sound and practical advice. They are highly responsive and very dependable. Their skill set, strategies and communication style are a great fit for our fast-growing organisation."

Chambers UK 2024

"The breadth of knowledge, delivered in a commercially sound manner, is very refreshing and the team has been my go-to on complex regulatory matters for many years. Highly regarded and recommended."

Legal 500 2024



Portfolio Close
Portfolio list
Title CV Email

Remove All