Our Website Uses Cookies 


We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.


For more information, please contact us or consult our Privacy Notice.

Your binder contains too many pages, the maximum is 40.

We are unable to add this page to your binder, please try again later.

This page has been added to your binder.

Paul Maynard is an associate in the technology and media group in the London office. He assists clients in negotiating a rapidly-changing regulatory landscape affecting the use of existing and new technologies.

Mr. Maynard's work in this area has involved advising on compliance with European data protection and information rights laws, including in particular the EU General Data Protection Regulation, the UK Data Protection Act 2018, and laws related to the privacy of electronic communications. He has experience of advising global clients on large-scale internal compliance programs, contractual negotiations, and cybersecurity incident management across a range of industry sectors, including online retail, financial services, consumer, technology, life sciences, and travel. He also advises on investigations and requests from regulators or concerned individuals.

  • Advised a global online retailer on all aspects of their GDPR compliance program. This involved advising on the key compliance requirements, as well as the practical means of implementing those requirements in an effective way within the client’s business. It included a virtual secondment and working closely, on a day-to-day basis, with members of the client’s legal and business teams.
  • Assisted multinational clients in professional services, online retail and human resources sectors with applications for Binding Corporate Rules to facilitate the international transfer of personal data. This included drafting application forms, policy documentation for approval, and responding to comments and questions from reviewing supervisory authorities.
  • Advised a global manufacturer on the management of a cybersecurity incident affecting their services worldwide, including an assessment of where notifications to regulators were required, liaising with forensics teams and assisting with drafting communications.
  • Acted for multiple consumer-facing organizations in relation to requests for information from the UK Information Commissioner’s Office about their direct marketing practices, including advising on approach and drafting responses.