Nicola Fulford

Nicola specialises in privacy and data protection, advising on the full range of related issues including: International data transfers; responding to data security breaches and inquiries from data protection authorities; privacy policies; notices and consents; online profiling, cookies and marketing; subject access; interception; surveillance and monitoring; compliance strategies and projects; and dealing with sensitive data, such as health data and personal data of children. Nicola advises clients on the use of personal information across a range of sectors, including technology, social media, financial services, healthcare, retail and travel. She also has extensive experience of outsourcing and complex technology transactions, acting for both customers and providers. She qualified as a solicitor in 1998 and, in addition to private practice, has worked in-house for a global outsourcing provider and a major investment bank. Nicola is certified by the International Association of Privacy Professionals as a Certified Information Privacy Professional (CIPPE). Previously at Bristows and Kemp Little, Nicola joined Hogan Lovells as partner in 2018.
Contributed to


Cybersecurity breach notification requirements
Practice Note

This Practice Note provides an overview of the laws and regulations relating to cybersecurity, examining the entities that are required to comply with such rules, their security obligations, the notification requirements in the event of a breach, and the consequences of failing to comply. It also contains practical guidance on what it takes to be cybersecurity breach ready and managing a cyber attack.

Practice areas


  • Consulting Editorial Board
  • Specialist Panel

If you expected to see yourself on this page, click here.