- People
- Expertise
Our expertise
We are a team of more than 500 professionals, with the depth of experience which makes us genuine experts in our fields. Together, gunnercooke’s people have strength across just about every corporate discipline and sector. We provide legal, commercial and strategic advice that delivers real value to the clients we work with, which span from multinational enterprises through to unicorns and non-for-profit organisations. Our breadth of expertise covers some of the most interesting and important emerging disciplines, from ESG and charity law, to blockchain and competition.
Search by practice areaDispute ResolutionDispute Resolution OverviewMeet the Dispute Resolution TeamIntellectual Property DisputesFinancial Services & FinTech OverviewProceeds of CrimeEmployment TribunalTax InvestigationProperty Dispute ResolutionInsolvency DisputesMediationCivil Fraud & Asset TracingHealth & SafetyBusiness Crime & InvestigationsLitigation & ArbitrationInternational Arbitration - International
International Offices
gunnercooke has 12 offices globally including the UK, Scotland, US, Germany and CEE, with further plans for growth in the coming years. These offices enhance the existing in-house capability of our dedicated international teams and dual-qualified experts that cover China and Hong Kong, Spain, France, Italy, Brazil and Portugal. Our team has experience working across 101 different countries, speaking 30 languages and are dual-qualified in 15 jurisdictions. Our expertise means we can offer large teams to carry out complex cross-border matters for major international clients.
- Our story
Our story
gunnercooke is the fastest growing corporate law firm in the UK, now making its mark globally. We comprise a rapidly growing number of experts spanning legal and other disciplines. Clients benefit from flexible options on fees to suit their needs, access to a wider network of senior experts throughout the relationship, and legal advice which is complemented by an understanding of the commercial aspects of running a business.
- Reading Room
- News & Insights
There can be few organisations that have not received a data subject access request at some point.
Most of them probably struggle to respond exactly in the way that the UK GDPR requires. After all, article 15 is more extensive than they might think and most of them won’t know much about Schedule 2 to the Data Protection Act.
Certainly smaller organisations often struggle. Larger organisations, especially those with their own Data Protection Officers, are better equipped.
It’s an important issue because getting the response wrong can result in serious enforcement action being taken by the ICO and, potentially, legal proceedings by the data subject.
DSARs are essentially backward looking; the data subject wants to know what information has historically been collected about them and how it’s been used. And what about those old emails written in anger by a colleague and using less than flattering language about the data subject?
Whilst they are trying to make sense of all the historical stuff, very often data controllers can easily forget that any new information they create as a result of the DSAR is also potentially disclosable to the data subject. Dozens of emails will be written, meetings held , notes and decisions taken about how to respond to the DSAR.
A sense of despair can quickly fall on an organisation trying to respond correctly. Very often they discover that they don’t have the right tools to search all their data sets effectively and they worry about meeting the time limits.
All too quickly it becomes apparent that they hold volumes of personal data stored in a variety of datasets and in different locations. The task of disclosure can seem daunting.
Disclosure is a tricky regulatory issue. It is not merely a commercial or managerial issue. It is best done with the benefit of specialist legal advice.
There is at least one source of comfort though. As well as having the expertise (and experience) the organisation’s solicitor also brings legal professional privilege into the mix.
Part 4 of Schedule 2 to the DPA 2018 provides that “information in respect of which a claim for legal professional privilege could be maintained in court proceeedings” is exempt from the article 15 (1)-(3) rights.
This means that clients can engage with their solicitor openly, on all aspects of the DSAR safe in knowledge that those professional communications will not have to be disclosed. That comfort is not something that business consultants or data protection advisers can generally offer.
Tim Heywood FRSA is a partner in gunnercooke specialising in data protection, cyber and information law.
This article is not intended as legal advice nor should it be relied upon as such. Neither gunnercooke llp nor the author accepts any liability for any loss or damage resulting from reliance on its contents. Specific legal advice should be sought on your particular circumstances.
