Jo McLean | Burness Paull

Jo leads our data protection practice and is a partner in our technology & commercial team. Jo advises clients on a variety of data protection matters, including preparing bespoke privacy notices and policies, conducting data protection audits and reporting at board level on findings, documenting international data flows, and managing data security breaches. Jo has extensive experience in supporting clients with responding to data subject access requests and has helped shape our firm offering in this area so that we can provide an end-to-end outsourced solution for clients.

Jo also provides strategic advice on the complex interactions between data protection and broader digital regulatory areas such as ePrivacy, online safety, digital markets, e-commerce and AI. She has a particular interest in AI governance and supporting client with implementing policies, procedures, training and contractual protections for responsible use of AI. Jo also advises clients on data licensing agreements, enabling the use of data for training, fine-tuning, and retrieval-augmented generation (RAG) in the development of AI models.

Clients appreciate Jo’s exceptional knowledge and approachable manner.

Jo is a member of the Law Society of Scotland’s privacy law subcommittee, a member of the International Association of Privacy Professionals (IAPP) and a member of the Society for Computers and Law. She also holds the certified information privacy professional (CIPP/E) and artificial intelligence governance profession (AIGP) qualifications from the IAPP.

Related Insights

Error.

No results.

1
2
3

Webinar recording - Data, AI and cyber: A look at what’s ahead for 2026

02/02/2026

Recording of our recent webinar where our data & cyber experts, David Goodbrand, Jo Mclean, Rebecca Roberts and Chloe O'Hara, discuss the upcoming changes and what to do to make sure you’re prepared.

The risk landscape in 2026: A horizon scan of what lies ahead for business leaders

19/01/2026

This horizon scanning article sets out some of the key risks for 2026 already visible across many sectors.

A good data be a trustee?: what does the Data (Use and Access) Act 2025 mean for pension schemes?

16/12/2025

The new Data (Use and Access) Act 2025 (DUAA) introduces some significant changes to UK data protection law since the GDPR. Its reforms have a direct impact on scheme governance and member experience.

Want to hear more from us?

Subscribe here Subscribe here

Burness Paull is known globally as the go-to Scottish law firm.

Guide: Doing business in the UK

Legal insights

M&A Deal Insight Report

Events

From pitches to platforms: Harnessing IP & technology in a summer of sport

Topics

Welcome to Burness Paull.

Human and high-performing

Delivering real change for our clients, people and communities

Responsible business lies at the heart of our decision-making.

Firm news

Responsible Business Report 2025: Charting progress and positive change

We believe you’re not a tiny cog in a giant machine.

Vacancies

Looking for a workplace that will value your curiosity, passion, and desire to grow?

Don't settle for standard, help us set new ones.

Vacancies

How can we help you today?

Related Insights

Webinar recording - Data, AI and cyber: A look at what’s ahead for 2026

The risk landscape in 2026: A horizon scan of what lies ahead for business leaders

A good data be a trustee?: what does the Data (Use and Access) Act 2025 mean for pension schemes?

{name}

{properties.eventName}

{properties.headline}

Want to hear more from us?