I am Co-Head of Lewis Silkin’s Data, Privacy & Cyber Group. I work in three main areas: data, privacy & cyber; commercial & consumer; and technology.
Although my main area of focus is data, privacy & cyber, I have a commercial & consumer and technology background so regularly advise clients across all three practice areas.
From a data, privacy & cyber perspective, I have advised a number of high profile clients on a range of complex data protection issues particularly around data collection and commercial exploitation and corporate governance. I also have also been involved in a number of high profile data regulatory investigations for large multi-national clients as well as advised on various data breaches. I hold the IAPP CIPP/E data protection/privacy accreditation and have spoken at a number of events on data, privacy & cyber issues.
From a commercial, technology and consumer perspective, I have a wealth of experience advising clients on both demand and supply side on a range of commercial agreements including supply of goods/services, software licensing & distribution, cloud services, agency and distribution, franchising, warehousing and logistics, sponsorship and ticketing, client/agency, media buying and confidentiality. I have also advised on e-commerce compliance and general consumer law issues and have been involved in a number of consumer regulatory investigations acting on behalf of well-known retailers.
My particular areas of specialism are retail and adtech and I am part of the Lewis Silkin’s Retail Law Group and Lewis Silkin’s Advertising and Marketing Law Group.
Data, Privacy & Cyber
I regularly advise clients on a range of data, privacy & cyber issues including privacy notices, online data collection, data processing/sharing arrangements, international transfers, data breaches and data subject rights and FOIA requests and corporate (including cyber security) governance. My particular area of expertise is use of data in an advertising and marketing context and I regularly provide strategic advice to brands, agencies, adtech vendors and publishers alike on data collection and commercial exploitation.
Examples of my recent work include advising:
- various organisations on their GDPR compliance programmes (including one of the world’s largest advertising networks) - this has included reviews of their cyber security policies & practices
- a well known multinational organisation on significant international regulatory investigation
- several major retailers on their optimal marketing strategy in light of the GDPR (including roll outs of their personalised loyalty schemes)
- a number of well-known brands, agencies, adtech vendors and publishers on compliance with the GDPR within the adtech ecosystem (from collection of consents, preparation of privacy notices and carrying out complex DPIAs as well as negotiation of high profile adtech and media buying agreements)
- a high street retailer on significant data breach
- various large multinational organisation on its intra group data sharing arrangements
- various large multinational organisations on updating their vendor contracts and carrying out transfer risk assessments in light of Schrems
- a large multinational on the data aspects of the roll out and subsequent use of its group wide CRM system
- a large multinational on creating a personalised customer experience on their website and apps;
- various large international brands on the creation of a single source of truth for their customer data – this has involved advising on pooling the data and carrying out complex analytics, profiling, segmentation and use of third party data brokers with a view to ensuring they can use their own data effectively as well as future monetisation
Commercial & Consumer
My work involves advising on a number of general commercial agreements including supply of goods and/or services agreements, distribution and agency agreements, sponsorship and ticketing agreements, franchising arrangements, warehousing and logistics agreements, client agency agreements, media buying agreements, and confidentiality agreements.
I also advise clients on the protection/ transfer of intellectual property which can include drafting and negotiating complex intellectual property assignments and licences.
I regularly advise on consumer law issues. This includes advising clients on consumer facing terms and conditions and general e-commerce compliance, providing support to clients that are the subject of regulatory investigations (which includes liaising with regulators on consumer law issues) and advising clients on appropriate alternative dispute resolution mechanisms.
I have provided advice to a number of organisations, mainly retailers, regarding compliance with Modern Slavery Act 2015 and in particular their obligations to provide a Modern Slavery Statement.
Examples of my recent work including advising:
- a number of high street retailers on various supply of goods and/or services agreements, warehousing and logistics agreements and ancillary/back office services type agreements
- fashion brands on various supply of goods and/or services agreements with both trade suppliers and retailers, warehousing and logistics agreements and the protection of their intellectual property
- media and/or advertising agencies on agreements relating to the supply of media/ advertising space and on various intellectual property assignments and licences relating to their own clients
- a major bookmaker in the gaming sector on a wide range of supply agreements including a number of digital content distribution agreements and agreements relating to the supply media/ advertising space
- a UK provider of satellite and data services on its supply arrangements with major UK TV broadcasting channels
- a large retailer on a CMA investigation into its selling practices
I regularly advise on a wide range of technology related agreements including: software development, licensing, hosting, maintenance and support (including website development and hosting) agreements; escrow arrangements; cloud computing and Software as a Service (SaaS) agreements. I also provide advice on IT security and disaster recovery and business continuity.
I have also been involved in a number of large scale outsourcing and systems integration projects which has involved co-ordinating advice across jurisdictions.
Examples of my recent work including advising on an end to end basis:
- a large publisher on its core media booking platform
- a professional services firm in respect of its purchase of a suite of systems software and related professional and support services
- two notable clients on the outsourcing of call centre functions to countries outside of Europe
- a major drinks brand on its customer data management solution and various ticketing solutions
- a major automobile brand on the implementation of a new HR platform
Awards and Recognition
- Chambers 2024 (Data Protection & Information Law (UK–wide)) - "With her commercial and consumer background coupled with her sharp mind, Bryony can focus on clients’ issues and provide solutions that are sensible and cost-effective." "Her advice is balanced, practical and demonstrates a good sense of the risks involved."
- Legal 500 2024 (Data protection, privacy and cybersecurity) - ‘Bryony Long has a commercial & consumer background coupled with her sharp mind when coming to GDPR issues. She knows how to advise clients remarkably when it comes to complex questions related to marketing issues, use and reuse of client data, for example.’
- Legal 500 2023 (Data protection, privacy and cybersecurity) - ‘Bryony Long provides excellent practical advice, enabling clients to make informed choices within a risk-based privacy framework. Bryony’s friendly and responsive approach makes her a pleasure to work with.’ ‘Bryony Long has built an excellent practice with top quality associates who deliver very practical and efficient advice.’ ‘Bryony Long is an exceptional partner with a real talent to cutting to the core of the issue and delivering practical advice in a timely manner. Ali Vaziri is also technically diligent and leaves no stone unturned to provide commercially balanced and clear advice.’
- Chambers 2023 (Data Protection & Information Law (UK–wide)) "Bryony is a very practical and helpful lawyer. She helps navigate the laws in a very commercially minded way. She's very responsive and has deep knowledge and experience that we can count on." "Bryony Long has an excellent understanding of her practice area and provides valuable pragmatic, commercial advice to our business. She is a very effective negotiator with a pleasant but determined manner. Her enthusiasm for her subject and interest in her clients make her such a pleasure to work with."
- Legal 500 2022 (Data protection, privacy and cybersecurity) - ‘Bryony Long’s background coupled with her sharp mind allows her to focus on clients’ issues and provide solutions that are both sensible and cost effective'