Open Navigation

Harvinder Thiara Data Privacy and Compliance Solicitor

[email protected]020 7317 6771

Data Privacy Lawyer at Magrath Sheldrick passionate about Privacy law, Data Protection, Risk and Compliance.

Harvinder aptly balances legal risk with the commercial needs of businesses; allowing Organisations to thrive in demanding situations. A skilled practitioner  able to advise legal, operational, and business teams whilst engineering pragmatic data privacy and compliance solutions.

She is a senior solicitor with over 12 years PQE, specialising in Data Protection, Privacy and Compliance. Competent at drafting bespoke contract solutions to unique situations, design and implement compliance programmes and also advise upon privacy implications of new projects and technologies. Within her dual role she also enjoys engaging with clients and providing tailored advice to address their data privacy and compliance needs.

Prior to joining Magrath Sheldrick she acted as in-house Counsel advising Organisations (ranging from global insurers, construction firms, advertising/media firms and charitable organisations) on the data compliance, implementation of the GDPR and Brexit led changes affecting operations.

  • Team: Employment
  • Based: London

Interest

  • Trustee of NACCC
  • Volunteer
  • Book club Organiser

Notable experience

  • Leading on continuous improvement of the firms’ data protection compliance programme to ensure alignment to current law and regulatory guidance
  • Legal drafting, negotiating data protection and data security provisions into commercial contracts and agreements, responding to client engagement RFPs and due diligence questionnaires
  • Reviewing the Firms’ contracts, including supplier and 3rd Party agreements
  • Creating and maintaining data protection policies and procedures (experience of ISO 27001 standards)
  • Advising upon data protection and security implications within new projects and technology applications and managing risk registers
  • Working with the IT team assessing cyber security and information security risks for the firm and developing appropriate training programmes
  • Understanding of Data Transfer Agreements taking into consideration both UK and EU GDPR (ITDA, EU SCCs with Addendum) and Transfer Risk Assessments
  • Conducting data protection compliance assessments, both new and changes to existing processing activities
  • Drafting and amending clients’ Privacy notices and data protection documentation.
  • Data Protection Mapping and Audits (in-house and client)
  • Assisting with data incidents, breaches, investigations and advising on notifications
  • Drafting Data Sharing agreements and group policies
  • Dealing with data subject access requests (within the Firm and assisting clients)
  • Drafting and amending internal compliance documentation including policies for AML, anti-Modern Slavery, Anti-Corruption and Bribery, ESG and diversity statements
  • Registered Data Protection Officer, membership of IAPP and participation within Data Protection Forums