International Reach of Data Protection Law

International reach of GDPR

As well as being applicable to organisations within the European Economic Area (EEA), the GDPR has an international reach – as does the UK Data Protection Act 2018 (DPA).

Regardless of the location or place of establishment, it is possible that either piece of legislation applies to the activities of an organisation. For example, the DPA applies where personal data processed by an organisation (wherever located) relates to data subjects in the UK, and the GDPR applies where an organisation offers goods or services to individuals in the EEA (such as a UK-based e-commerce business selling goods to consumers in the EEA).

Ensuring full compliance with data protection law, wherever you are

The need to comply with two different legal regimes sounds potentially onerous but, in many respects, the legal requirements are aligned between the GDPR and the DPA.

MacRoberts advises on the international aspects of data protection compliance, routinely assisting our UK-based clients in relation to international data transfers, as well as organisations outside the UK and EEA on compliance with data protection requirements in connection with their activities in the UK and the EEA.

UK-based representatives

Likewise, organisations based outside the UK may be required to appoint a UK representative, for example, if they offer goods or services to persons in the UK.

Our data protection lawyers can advise you on whether you need an EEA or UK-based representative and their responsibilities under the relevant data protection regulations.

International data transfers

Data protection legislation imposes conditions on data transfers to organisations located outside the UK. The organisation transferring personal data should ensure that the transfer meets relevant legal requirements.

There are many grounds which can be relied on for international transfers, and our team can advise you on any restrictions on data transfers.

Data Protection & Cyber Security

Our team advises clients on the full range of data protection matters to ensure your business is fully compliant with the law.
Data Protection & Cyber Security
Data Breaches

Our team can assist you in understanding whether your business has suffered a data breach and, where appropriate, advising on the next steps.
Data Breaches
Policies & Documents

We have a number of template policies and types of documentation to help your business comply with data protection law.
Policies & Documents
Auditing & Mapping

We can help you understand the flow of personal data within your organisation and implement any remedial actions to improve compliance.
Auditing & Data Mapping
Big Data & Technology

Our team advises on the deployment of big data technologies in compliance with data protection law.
Big Data & Technology
Cyber Security

Our team can advise you on full compliance with the requirements to ensure your business is not at risk of cyber crime.
Cyber Security & Cyber Crime

In 2016, we were one of the first law firms in Scotland to become accredited Living Wage employers.
Shortlisted for Firm of the Year at the Scottish Legal Awards 2022.
Winners of Corporate & Commercial Team of the Year and Family Law Team of the Year at the Scottish Legal Awards 2020.
Our Real Estate team won the Property Team of the Year Award at the British Legal Awards in 2018.
Winner of SME of the Year at the Scottish SME Awards 2017, hosted by Scottish Business Insider.
Highly Commended for Commercial Team of the Year at the British Legal Awards 2016.
In 2019, MacRoberts achieved Cyber Essentials Plus certification, a UK Government entry-level information security standard.
MacRoberts holds the ISO 9001:2015 certification for Quality Management, the most widely recognised quality management system standard in the world.
MacRoberts holds the ISO14001:2015 certification for Environmental Management, demonstrating our ongoing commitment to environmental awareness.
MacRoberts holds the ISO27001:2013 certification for Information Security, an internationally recognised security gold standard.
Business continuity is a critical element of the Business Management System at MacRoberts and we hold full accreditation with the ISO 22301:2019.
MacRoberts is a member of IP Inclusive, a network of intellectual property professionals working to make our community more equal, diverse and inclusive.
We are active members of the PRIME Programme – an organisation that focuses on ensuring a career in law is open to talent from all economic and social backgrounds.
MacRoberts supports the Scottish Business Pledge, a values-led partnership between Government and business that is based on boosting productivity and competitiveness through fairness, equality and sustainable employment.
We are supporters of the Partnership for Change, a network of organisations and individuals who share a common ambition to improve diversity on boards and in senior leadership.
We are a member of the Employers Network for Equality & Inclusion (ENEI), a UK-based not-for-profit organisation which helps employers build and maintain diverse teams and inclusive cultures through our membership, training, and consultancy services.
In 2022, MacRoberts was awarded enei's Silver TIDEMark. TIDE is enei's self-assessment evaluation and benchmarking tool which measures an organisation's overall approach and progress on diversity and inclusion.
MacRoberts is a Disability Confident employer, and are committed to disability equality across our firm.
MacRoberts fully supports flexible working practices and supports family-friendly working practices.
In 2022, MacRoberts received a Bronze Award in Stonewall's Workplace Equality Index for our commitment to LGBTQI+ inclusivity in the workplace.
MacRoberts is a longstanding member of Scotland Food & Drink, the leading trade association for Scotland's food and drink industry.
MacRoberts is an Associate Member of SELECT, Scotland's largest construction trade association.