Matt is a commercially-minded and personable data protection and privacy lawyer.
Matt advises and supports clients in all areas of data protection and privacy, with a focus on international data protection compliance projects. His depth of knowledge and experience allows him to provide targeted, pragmatic advice which is tailored to the needs, motivations and risk-strategy of the client.
Recent examples of Matt’s work include:
- advising a global insurance group on the implementation of controller and processor Binding Corporate Rules. This included drafting a suite of data-related policies and procedures to govern the data processing activities of the group, providing advice and assistance throughout on various aspects of applicable data protection law, as well as drafting applications to relevant data protection authorities and liaising with such authorities on appropriate interpretation of the law;
- advising an international news and media group in the areas of AdTech, marketing and cookie compliance and providing ongoing support in the capacity of Shoosmiths’ DPO service;
- advising an international insurance industry think tank on data privacy considerations (such as effective anonymisation measures) relating to the operation of a global data repository of cybersecurity incidents and claims;
- advising an international automotive insurance group on a significant data subject access request, with an initial relevant document count of over 140,000, made by a former senior officer of the group. This involved managing a cross-office team and working closely with a third party tech provider to ensure the request was complied with effectively, diligently and within very tight timescales;
- advising a global recruitment agency on a significant personal data breach which required notification to data protection authorities in several jurisdictions;
- carrying out a comprehensive data protection compliance audit for a property insurance group. This involved several days on-site with the client, interviewing key stakeholders from each business function, and producing a report identifying gaps in compliance and outlining recommended remedial actions;
- advising an international automotive organisation on its marketing processes and procedures in the context of its collaborations with third party insurers;
- undertaking a comprehensive data protection impact assessment relating to temperature checking procedures for an international hospitality and holiday resorts group and assisting with the implementation of required processes and procedures, such as effective workforce and customer privacy notices, across several jurisdictions;
- advising an aviation services provider on a variety of data protection matters, including on its procurement and third party due diligence process in respect of a new occupational health and healthcare provider;
- advising a global food and catering services organisation on Freedom of Information Act requests received by its UK-based public authority customers;
- developing and presenting on-site data protection training to a range of organisations, including the London office of a US law firm; and
- advising on, drafting and negotiating a wide range of data processing and data sharing agreements for clients from a variety of sectors.
Matt trained with a large regional firm (qualifying in 2017) before moving to Shoosmiths in 2018.