Anna Rawlinson#9825

Anna Rawlinson

Solicitor, Fieldfisher
Anna is a Senior Associate in Fieldfisher's Privacy, Outsourcing and Technology team. She advises on a wide range of data protection issues in various commercial context, including comprehensive data protection compliance, data processing and data sharing arrangements, cross-border data transfers, DPIAs, data breaches, data protection issues in corporate transactions, as well as data audits, information rights and e-marketing. She is a member and contributor of the International Association of Privacy Professionals and holds CIPP/E and CIPM certifications.
 
Anna has a broader corporate background, including roles as a corporate associate at a top tier City law firm and an in-house secondee at a major U.S. energy company. Before qualifying as a solicitor in the UK, Anna worked as a legal adviser in Poland and holds PhD in civil law.
Contributed to

4

Age assurance methods—data protection and online safety applications
Age assurance methods—data protection and online safety applications
Practice Notes

This Practice Note explores age assurance in online environments, emphasising its importance for compliance with a number of legal frameworks. It provides a practical introduction to age verification and age estimation methods and associated technologies. It highlights their role in compliance with legal frameworks like the United Kingdom General Data Protection Regulation, Assimilated Regulation 2016/679 (UK GDPR) and the Online Safety Act 2023, among others. It also provides an overview of the global context, and discusses key enforcement actions and the role of stakeholders in implementing age-appropriate measures, including those aimed at the protection of children.

EU GDPR—2021 standard contractual clauses for transfers of personal data internationally
EU GDPR—2021 standard contractual clauses for transfers of personal data internationally
Practice Notes

This Practice Note provides guidance on the set of standard contractual clauses (SCCs) for international transfers of personal data published by the European Commission in June 2021 (the 2021 EU SCCs).

EU GDPR—Binding Corporate Rules (BCRs)
EU GDPR—Binding Corporate Rules (BCRs)
Practice Notes

This Practice Note discusses Binding Corporate Rules (BCRs), which are one of the mechanisms that allow for the transfer of personal data outside of the EEA in compliance with Chapter V of the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR). BCRs enable a group of companies to demonstrate appropriate safeguards when they transfer personal data internationally between the group’s entities.

The EU Data Governance Act and EU Data Act
The EU Data Governance Act and EU Data Act
Practice Notes

This Practice Note covers two recent legislative developments in the EU’s digital market, Regulation (EU) 2022/868, the Data Governance Act (the DGA) and Regulation (EU) 2023/2854 the Data Act (the DA). These two acts are the main deliverables of the European Strategy for Data, presented by the European Commission in February 2020. The European Strategy for Data, is part of the European Commission’s broader action plan to ensure Europe’s digital sovereignty by 2030, and is complementary to the European strategy on AI.

Practice Area

Panel

  • Contributing Author

Experience

  • Fieldfisher (Nov 2021 - Present)

Qualifications

  • CIPP/M (2020)
  • CIPP/E (2018)

If you expected to see yourself on this page, click here.