I am a Legal Director in Lewis Silkin's Data & Privacy team, where I advise leading multinational organisations across a range of industries on data, privacy and cyber issues.
I also hold the IAPP CIPP/E data protection certification, and regularly speak at events and conferences on data and privacy issues.
I advise clients on a broad range of data, privacy and cyber matters. Recent experience includes:
- Leading GDPR/UK GDPR compliance projects for clients in a wide variety of industries (including consumer goods and retail, technology, financial services and healthcare), including conducting compliance assessments and advising on recommended implementation steps;
- Drafting, negotiating and advising on data protection provisions in a variety of commercial agreements and advising on controller/processor roles;
- Providing strategic advice on international data transfers, including standard contractual clauses and transfer impact assessments;
- Advising on the data protection implications of Brexit, for example in relation to lead supervisory authority designations and DPO appointments;
- Advising on data protection compliance in the context of online advertising and adtech solutions;
- Advising on direct marketing and cookie compliance;
- Assisting clients with responding to data subject complaints and requests, including subject access, erasure and direct marketing opt-outs, as well as data subject compensation claims;
- Advising on data protection issues in the context of M&A transactions, including due diligence and negotiation of data protection terms;
- Advising on data security breaches and incident response;
- Advising a large multinational organisation on a major regulatory investigation.
Awards & Recognition
- Chambers 2024 (Data Protection & Information Law) - "Joanna de Fonseka is very knowledgeable in privacy and data protection. She provides pragmatic business guidance."