With growing public and policy concerns about risks to personal information and increasingly sophisticated cyberattacks, businesses of all sizes need tailored and strategic privacy advice. Addisons’ Privacy & Data Protection team assists clients to comply with privacy obligations and protect against accidental and malicious breaches.
We take a practical and solution-focused approach to privacy compliance and data protection. We guide clients through implementing preventative strategies including privacy-by-design approaches to embed privacy and data protection into their business operations.
We support clients with preparation of privacy policies and collection notices, data governance and compliance policies, advice on data collection, use and disclosure, data transactions and data transfers overseas, privacy impact assessments, conducting privacy due diligence in acquisitions, as well as assisting with training and managing access requests.
When clients face data breaches, we support them with urgent and actionable advice on responses including mandatory data breach notifications, liaising with the Office of the Australian Information Commissioner (OAIC) and other authorities, and communicating with individuals affected by the data breach.
We also assist clients in preparing for possible cyber incidents including preparation of Data Breach Response Plans.
advised the Australian subsidiary of a global media planning and buying agency on a cyber incident including reporting obligations to the OAIC and affected individuals.
advised a group of health care companies on privacy issues including preparation of privacy policies and consents.
assisted a multinational manufacturer of passenger and commercial vehicles with privacy compliance and data governance.
advised a multinational insurance company on a data breach, including undertaking an analysis of the breach to determine whether it was notifiable under Australia’s Notifiable Data Breach scheme.
advised an Italian company with a wellness app used by Australian residents on issues regarding compliance with the Privacy Act and the Australian Privacy Principles, in particular in relation to direct marketing and cross-border disclosure of personal information.