Greg Palmer

Greg is a partner in the TMT practice in London. He specialises in information law, commercial contracts including outsourcings and supply arrangements, and the IT or data elements of transactions.

His clients include large technology businesses that handle significant amounts of data and move it around the world to support their business operations and customers.

Greg advises clients on both contentious and non-contentious privacy issues. He has worked on matters involving high profile investigations by the Information Commissioner’s Office, sensitive data subject access requests, business-critical responses to sophisticated cyber-attacks, and structuring global international data transfer arrangements.

In addition, Greg advises on complex commercial contracts, having worked on a number of ICT outsourcings in both public and private sector and arrangements for the white labelling of financial services products for a retail business. Greg also focusses on helping clients implement compliance programs involving the regulation of data and has spent time working in-house on client secondments in senior data protection compliance roles.

Work highlights

Greg’s recent work highlights include advising:

• one of the large credit reference agencies on the Information Commissioner’s investigation into its use of personal data for analytics and marketing

• UBS, on its global end-to-end implementation of GDPR compliance

• Global (formerly Exterion Media) on its arrangement with Transport for London (TfL) for the advertising rights on the London Underground, at the time, the largest outdoor advertising contract in the world

• a leading industrial Internet of Things company on data protection compliance matters related to their dashcam technologies
• a global commodities and mining company on their procurement and global implementation of a SaaS HR management solution
• a large UK retail company on its white labelling arrangements for financial services and insurance products in the UK and the sale of a portfolio of white-labelled credit cards
• a number of global data businesses on submissions to DCMS on the UK’s Data Protection Bill (now the Data Protection Act 2018)
• UBS, BlackRock, and KPMG on their international information governance projects

Greg contributes regularly to publications on information law developments in the UK, including for Digilinks, Dataguidance and Data Protection Law & Policy. He has presented at seminars on data subject access, AI, e-Privacy and the GDPR and UK Data Protection Act.

Greg has an undergraduate degree in economics and law and a post-graduate law degree from the University of Cape Town, South Africa.