Contact us
Bridget Treacy#4583

Bridget Treacy

Partner, Hunton Andrews Kurth
Bridget Treacy is a partner at Hunton Andrews Kurth. Her practice focuses on all aspects of privacy, data protection, information governance and e-commerce issues for multinational companies across a broad range of industry sectors. She advises clients on the EU General Data Protection Regulation that is transforming Europe’s privacy landscape. Other key experience includes big data and analytics, cloud computing, cross-border data transfers and BCRs, behavioural targeting and data breach. She has structured and implemented global privacy and data management compliance programs. Bridget is one of the few UK lawyers with deep, practical experience of advising on EU data protection, cybersecurity and data breach issues. She also has wide-ranging experience advising on outsourcing agreements, strategic alliances, shared services arrangements and technology licensing. She is the editor of the specialist privacy journal “Privacy and Data Protection”, and has contributed to a number of published texts.
Contributed to

2

EU GDPR—extra-territorial reach
EU GDPR—extra-territorial reach
Practice notes

This Practice Note discusses the territorial scope of the General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR). This applies whenever the use of personal data by an organisation relates to: (i) the offering of goods or services to individuals in the EEA, irrespective of whether a payment is required, or (ii) the monitoring of those individuals’ behaviour in the EEA.

UK GDPR—extra-territorial reach
UK GDPR—extra-territorial reach
Practice notes

This Practice Note discusses the territorial scope of the regime established by the United Kingdom General Data Protection Regulation, Retained Regulation (EU) 2016/679 (UK GDPR). In summary, the UK GDPR regime may apply: (1) whenever the processing of personal data occurs in the context of the activities of an establishment of a controller or a processor in the UK, (2) where the use of personal data by an organisation relates to: (i) the offering of goods or services to individuals in the UK, irrespective of whether a payment is required, or (ii) the monitoring of those individuals’ behaviour in the UK or (3) by virtue of public international law. This Practice Note also considers the regime requiring the appointment of UK representatives in certain circumstances.

Practice areas

Membership

  • Member, European Advisory Board, International Association of Privacy Professionals
  • Member, Society for Computers and Law
  • Member, Women in Banking and Finance

Panel

  • Contributing Author

Education

  • BCom, LLB (Hons), University of Canterbury, New Zealand, 1990

If you expected to see yourself on this page, click here.