Jo McLean | Burness Paull

Jo leads our data protection practice and is a partner in our technology & commercial team. Jo advises clients on a variety of data protection matters, including preparing bespoke privacy notices and policies, conducting data protection audits and reporting at board level on findings, documenting international data flows, and managing data security breaches. Jo has extensive experience in supporting clients with responding to data subject access requests and has helped shape our firm offering in this area so that we can provide an end-to-end outsourced solution for clients.

Jo also provides strategic advice on the complex interactions between data protection and broader digital regulatory areas such as ePrivacy, online safety, digital markets, e-commerce and AI. She has a particular interest in AI governance and supporting client with implementing policies, procedures, training and contractual protections for responsible use of AI. Jo also advises clients on data licensing agreements, enabling the use of data for training, fine-tuning, and retrieval-augmented generation (RAG) in the development of AI models.

Clients appreciate Jo’s exceptional knowledge and approachable manner.

Jo is a member of the Law Society of Scotland’s privacy law subcommittee, a member of the International Association of Privacy Professionals (IAPP) and a member of the Society for Computers and Law. She also holds the certified information privacy professional (CIPP/E) and artificial intelligence governance profession (AIGP) qualifications from the IAPP.

Related Insights

Error.

No results.

1
2
3

SpaceX has lifted off - but can Scotland find its orbit?

25/06/2026

This insight discusses how a specialist, innovation-led space ecosystem can compete, collaborate and attract investment in a market increasingly shaped by global platforms of unprecedented scale.

Getting your data ducks in a row: putting the Data (Use and Access) Act 2025 into practice for pension schemes

09/06/2026

In this blog, we consider how The Data (Use and Access) Act 2025 (the “DUAA”) raises the bar for how pension trustees’ role as data controllers must be performed.

Webinar recordings: Data Privacy & Cyber Webinar Series 2026

05/06/2026

Our annual Data Privacy and Cyber webinar series is designed to help organisations navigate the evolving data privacy and cyber security landscape with confidence.

Want to hear more from us?

Subscribe here Subscribe here

Burness Paull is known globally as the go-to Scottish law firm.

Guide: Doing business in the UK

Legal insights

M&A Deal Insight Report

Events

Webinar | Practical steps to prepare for ERA 2025

Topics

Welcome to Burness Paull.

Human and high-performing

Delivering real change for our clients, people and communities

Responsible business lies at the heart of our decision-making.

Firm news

Burness Paull tops £100m turnover with double-digit growth

We believe you’re not a tiny cog in a giant machine.

Vacancies

Looking for a workplace that will value your curiosity, passion, and desire to grow?

Don't settle for standard, help us set new ones.

Vacancies

How can we help you today?

Related Insights

SpaceX has lifted off - but can Scotland find its orbit?

Getting your data ducks in a row: putting the Data (Use and Access) Act 2025 into practice for pension schemes

Webinar recordings: Data Privacy & Cyber Webinar Series 2026

{name}

{properties.headline}

Want to hear more from us?