Sian Stephens

Sian qualified in 2009 and is a GDPR corporate associate and data protection specialist in the Corporate Team. Sian has worked with a range of SMEs US and technology companies in the Fintech, Fashtech, Adtech, Medical Tech and the Microsoft technology space as well as advising on privacy laws in the United States including the California Consumer Privacy Act (CCPA) and has an international data focus.

Sian’s data work consists of advising and drafting compliant policies and procedures to include:

Data protection policies/ privacy standards, a range of privacy policies for websites, APPs and commercial contracts, cookies policies, fair processing notices for employees, workers and contractors, recruitment privacy notices, marketing consent notices;

• Data transfer agreements/standard model contractual clauses,
• Binding Corporate Rules;
• Data retention, security, IT, and bring your own device policies;
• Subject access request policies and data breach policies;
• Data sharing and data processing agreements.
• Data audits and data mapping processes;
• The e-privacy regulations and the PECR.

Sian’s technology work has involved drafting and reviewing Master Service Agreements, Professional Service Agreements, Non-Disclosure Agreements, Framework Agreements, Software as a Service (SAAS) and Website as a Service Agreements, End-User Licences, Reseller Agreements, Licences to Assign IP and a range of corporate commercial bespoke contracts.

She reviews data protection provisions in a range of corporate and commercial contracts and advises on database transfers in corporate transactions. She also drafts privacy clauses in employment contracts and privacy notices for employees, workers, contractors and consultants and advises on a range of privacy issues in connection with employment law matters.

Sian is passionate about data protection law and compliance with the UK GDPR and believes that privacy should be at the heart of all business activities in the UK and internationally.

Sussex University LLB, LLM International Commercial Law.

Sydney University LPAB, Legal Professional Admissions Board.

Qualified as a Solicitor in England & Wales 2009 and in Australia (New South Wales) 2016.

Member of the International Association of Privacy Practitioners (IAPP).

She holds the Certified Information Privacy Professional/Europe (CIPP/E) Certification.