The largest legal team in Scotland dedicated to data privacy & protection and managing cyber security incidents.
Central to the efficient operation of businesses and organisations of all types is the ability to collect and manage data quickly and safely. In an increasingly challenging environment for data security, we’ve assembled the leading data protection & cyber security team in Scotland to support our clients in that objective.
Our team of dedicated data & regulatory protection lawyers will help navigate what can be complex data privacy laws and regulation, to ensure your data strategy and processes are compliant with current and forthcoming regulation.
We’re equally expert at times of crisis and, as the risk of cyber-attacks grows year on year, we can support you through data breaches and cyber-attacks whether these are large scale, external attacks or smaller, localised events relating to employee actions.
Working with clients across the UK, our integrated team of data and cyber security experts have worked extensively across a wide range of sectors and markets covering all aspects from contractual obligations with suppliers, employee contracts, IT security and data protection, to risk assessment, audit and review, and crisis management.
Please contact us for an early-stage discussion on any concerns regarding your data and cyber security and sign up for our Data Protection & Cyber Security updates and events. For more details on our services please explore the dedicated pages below.
Our comprehensive data protection & cyber security offering encompasses expertise and support for clients whether they want to check they have the necessary safeguards in place to protect their data and ensure regulatory compliance, need advice on licensing and commercial agreements, or require an urgent and expert incident response service following an attack or breach.
Services include:
- Assessments and audits
- Agreements
- Compliance and policies
- Investigations
- Licensing and commercialisation
- Breaches, including formulation and implementation of a response plan, and remedial action

Key Contacts

Hazel Moffat
Partner | Board Member
Public Law
Hazel is head of our Public Law and Regulatory division, and has represented clients including the Scottish, UK and EU Governments.

David Goodbrand
Partner
Commercial Contracts
David specialises in advising clients on outsourcing arrangements, IP licensing, complex commercial contracts, fintech and the use of information.

Jo McLean
Director
GDPR & Data Protection
Jo provides strategic advice on the complex interactions between data protection and broader digital regulatory areas such as ePrivacy.

Colin Hulme
Partner | Board Member
Intellectual Property
Colin is head of IP, he is the only IP litigator in Scotland with a Band 1 ranking in Chambers UK and in the Legal 500 Hall of Fame.

Lynne Gray
Partner
Health & Safety
Lynne handles contentious and non-contentious regulatory compliance issues, helping clients every step of the way.

Joanna Fulton
Partner
Product Liability
Joanna has a particular focus on product liability and product safety matters, leading our Chambers UK band 1 ranked product liability team.

Nick Warrillow
Partner
Dispute Resolution
Nick has experience of advising individuals, corporates and financial institutions in connection with a range of complex and high-value disputes.
Related Practices
GDPR & Data Protection
Precise navigation of data protection, privacy and cyber-security.
Data Protection Consultancy & Advisory Service
Consultancy services to meet your business needs.
Cyber Attacks & Data Breaches
Mitigating the risks of, and responding to, cyber security incidents.
Related News, Insights & Events

Data Subject Access Requests Masterclass Webinar
03/06/2025
Online masterclass for practical tips from our data protection and employment law experts on managing even the most complex DSARs.

M&S ransomware attack – what can we learn?
Discussing the recent ransomware attacks on M&S and the Co-op Group, highlighting the risks of cyber crime, potential regulatory consequences, and the importance of strong cyber security measures

Cyber security – fin(e)al decisions from the ICO
Highlighting the key ICO findings and what they mean for businesses handling sensitive data, with practical takeaways to help organisations strengthen cyber resilience and reduce regulatory risk.