Joanna De Fonseka > Lewis Silkin > London, England > Lawyer Profile

Joanna De Fonseka

+44 20 7074 8408 Joanna.DeFonseka@lewissilkin.com View profile View profile

Work Department

Data and Privacy

Position

Legal Director

Career

Joanna is a Legal Director in Lewis Silkin’s Data & Privacy team, where she advises leading multinational organisations across a range of industries on data, privacy and cyber issues.

Joanna assists clients with a wide variety of privacy compliance matters including general compliance strategy, audits and assessments; online advertising, direct marketing and cookies; data sharing and data processing arrangements; privacy policy/privacy notice reviews; international data transfers; and privacy-related aspects of new technologies, products and services. In addition, she regularly assists clients with contentious data and privacy work, including data breaches, data subject requests and complaints, and regulatory investigations.

Joanna also holds the IAPP CIPP/E data protection certification, and regularly speaks at events and conferences on data and privacy issues.

Joanna advises clients on a broad range of data, privacy and cyber matters. Recent experience includes:

• Leading GDPR/UK GDPR compliance projects for clients in a wide variety of industries (including consumer goods and retail, technology, financial services and healthcare), including conducting compliance assessments and advising on recommended implementation steps;
• Drafting, negotiating and advising on data protection provisions in a variety of commercial agreements and advising on controller/processor roles;
• Providing strategic advice on international data transfers, including standard contractual clauses and transfer impact assessments;
• Advising on the data protection implications of Brexit, for example in relation to lead supervisory authority designations and DPO appointments;
• Advising on data protection compliance in the context of online advertising and adtech solutions;
• Advising on direct marketing and cookie compliance;
• Assisting clients with responding to data subject complaints and requests, including subject access, erasure and direct marketing opt-outs, as well as data subject compensation claims;
• Advising on data protection issues in the context of M&A transactions, including due diligence and negotiation of data protection terms;
• Advising on data security breaches and incident response;
• Advising a large multinational organisation on a major regulatory investigation.