Get a good background to data protection law and view practical guidance focused on data protection matters for commercial transactions. See also our UK GDPR compliant pro-party clauses for use in commercial agreements.
Protect trade secrets and know-how using the law of confidentiality. Get information and a set of pro-party confidentiality agreements here.
View a range of trackers to enable horizon scanning and monitoring of key developments. The trackers are maintained - making them useful for keeping up-to-date and for business development.
It’s our online practical guidance product for contentious and non-contentious lawyers dealing with Data Protection, Confidential Information, Privacy, Cybersecurity and Freedom of Information issues.
The Department for Science, Innovation and Technology (DSIT) has opened a formal evaluation process for the Software Security Code of Practice,...
The Information Commissioner's Office (ICO) has secured guilty verdicts against eight individuals for data protection offences following its largest...
Welcome to this week’s edition of the Information Law weekly highlights: a hand-picked summary of news analysis, updates and new content related to...
The European Commission has extended the UK’s data adequacy decisions under Regulation (EU) 2016/679 (General Data Protection Regulation (GDPR)) and...
UK businesses will face a six- to nine-month implementation window for the Data (Use and Access) Act 2025 (DUAA), with the first changes expected by...
Brexit timelineOn 23 June 2016, the UK held a referendum on its membership of the EU, with a majority voting in favour of the UK leaving the EU. On 29...
Brexit legislation trackerThis Practice Note tracks the progress of UK legislation introduced as part of the legislative project associated with the...
The Data (Use and Access) Act 2025—impact on UK data protection and ePrivacy lawThis Practice Note assesses the impact of the changes to UK data...
Intellectual Property Enterprise Court—costs capping in practiceBackgroundThe Intellectual Property Enterprise Court (IPEC) is a sub-list of the...
Processing personal data—legitimate interestsThis Practice Note explains the scope for relying on legitimate interest as a lawful ground for...
Personal data sub-processing schedule—pro-supplier—UK GDPR and EU GDPRThis precedent is for use between a processor and sub-processor. It assumes the...
Personal data processing schedule—pro-supplier—UK GDPR and EU GDPRThis precedent uses the additional defined terms ‘Agreement’, ‘Business Day’,...
Data licence agreement—pro-licensorThis Agreement is dated [insert date]Parties1[insert name] [of OR a company incorporated in [England and Wales]...
Stand-alone data processing agreement—personal and non-personal data—pro-customerThis Agreement is made on [date]Parties1[Insert name of supplier], a...
Data processing side agreement—personal data only—pro-controllerThis Agreement is made on [date]Parties1[Insert name of supplier], a company...
The UK General Data Protection Regulation (UK GDPR)—NavigatorThis Practice Note serves as a reference guide to the Retained Regulation (EU) 2016/679...
Privacy law—misuse of private informationThe tort of misuse of private information is focused on ‘the protection of human autonomy and dignity—the...
Confidentiality agreement—mutualThis Agreement is made on [date]Parties1[insert name of party] [of [insert details ] OR a company incorporated in...
The Information Commissioner’s Office (ICO)The Information Commissioner’s Office (ICO) is the UK’s independent regulator designed to uphold...
The UK General Data Protection Regulation (UK GDPR)This Practice Note provides a summary of the UK GDPR regime. For a higher-level introduction to UK...
Letter of claim—breach of confidence[Insert name and address of recipient]Dear [insert organisation name],[Name of client] and confidential...
Trade secrets and confidential information—protection and enforcementThis Practice Note sets out the protection available for trade secrets and...
Introduction to the EU GDPR and UK GDPRThis Practice Note provides a high-level introduction to the EU’s General Data Protection Regulation,...
Data protection, privacy and confidential information case law trackerThis Practice Note tracks noteworthy High Court, Court of Appeal and Supreme...
Commercial use of photographs—data protection and privacy issuesThis Practice Note addresses issues affecting professional photographers taking...
Letter of claim—breach of data protection law[Insert name and address of recipient]Dear [insert organisation name],[Name of client] and breach of data...
What does IP completion day mean for Information Law? [Archived]ARCHIVED: This Practice Note has been archived and is not maintained.11 pm (GMT) on 31...
Confidential information, privacy and injunctionsThis Practice Note deals with the general principles of obtaining an injunction relating to...
The Data Protection Act 2018This Practice Note introduces the UK’s Data Protection Act 2018 (DPA 2018).For higher-level introductions to data...
means: a service within the meaning of point (b) of Article 1(1) of Directive (EU) 2015/1535 which is of any the following kinds: ? online market place ? online search engine ? cloud computing service
means: a service which is essential for the maintenance of critical societal or economic activities
“priority period” means the period beginning at the time when an application for an official search is entered on the day list and ending at midnight marking the end of the thirtieth working day thereafter,