IT & Data Protection Law

Data Breach Solicitors | IT Contracts Drafting & Reviewing | In-house 'vCounsel' services

database security, phishing, hacker attack concept. hackers stealing personal data. flat design illustration vector

Essential IT & Data Protection Legal Services

In today's digital world, IT legal services are essential for any business that deals with technology, data, and online platforms. Whether you need to draft a software license agreement, negotiate a cloud computing contract, or comply with data protection regulations, you need a reliable and experienced legal partner to help you navigate the complex and ever-changing legal landscape.

That's where CyberStreet comes in. We specialise in providing tailored and practical solutions for your IT legal needs. We can also work across our business offerings to tailor a project to give deliver value to your business e.g., a cyber security maturity assessment, together with a data privacy audit, all covered off with a legal review of the highlighted risks.

Our team has qualified and skilled tech lawyers with extensive knowledge and experience in various IT & data protection legal domains. Here are details about how we can help:

data breach icon

Data Breach Legal Support:

We provide you with comprehensive and timely legal support in the event of a data breach or cyberattack that affects your business. We will assist you with

  • preparation for, and management of, personal data breaches (including cybersecurity incidents)
  • managing your external stakeholders (including your insurer to help qualify your claim)
  • accelerated understanding - compared to non-technical lawyers - of legal implications around a technical incident issues
  • mitigating the legal risks and liabilities throughout the process and
  • liaising with the UK ICO around notifications and other communications, including any ongoing scrutiny.


server protection icon

Data Protection Advice:

We help you comply with the data protection laws and regulations that apply to your business, such as the General Data Protection Regulation (GDPR) and e-Privacy (inc. PECR). We can draft and review data processing agreements and other related agreements. We also advise on the drafting, reviewing and implementation of data processing agreements, joint controller arrangements, privacy policies, consent forms, privacy compliant marketing, data subject rights, DPO requirements assessment, data transfer agreements, and more.

Contracts icon

IT Contracts:

We draft, review, and negotiate various types of IT contracts, such as software development agreements, software licensing agreements, software as a service (SaaS) agreement, cloud computing contracts, website terms of use, online sales contracts, e-commerce agreements, outsourcing contracts, and intellectual property licensing agreements.

At CyberStreet Law, we understand that every business is unique and has different IT legal needs. That's why we offer customized and cost-effective IT legal services that suit your specific goals and budget. We also pride ourselves on our client-focused approach and our ability to communicate complex IT legal issues in a clear and understandable way.

Our Legal Services

If you are looking for a trusted partner for your IT and Data Protection legal services, look no further than CyberStreet Law.

external counselling icon

External Counsel

This is where one of our solicitors provides advice to your business from CyberStreet Law. This would suit a scenario where you have an in-house legal function or want something specific. For example, data privacy legal advice around a specific issue or an IT legal agreement to be drafted or reviewed.


We aim to provide either a fixed fee or agree a retainer basis, once we have established your requirements. Get in touch for a free consultation and follow-up quote.


in house counseling icon

In-house vCounsel

Features of our vCounsel service:

  • One of our solicitors becomes your in-house lead or Senior IT & Data Protection counsel
  • The vCounsel service operates via virtual means, allowing swift legal support at convenient times for your business.
  • The vCounsel operates under your technical infrastructure, unless you purchase our CyberStreet Windows 365 provisioning service (see bolt-on services below) where we will prepare a windows virtual environment connecting to your Active Directory.
  • We will work with you to select a best-fit plan from one of the three below, over a 12 or 24 month term

Our lead lawyer

Nick Soni, Director
FIP | CISSP | CIPP/E/US | CIPM | PgDip (Oxon) | Solicitor

Nick started out his career over 20 years back as a C++ software engineer. His experience moved more into systems administration and then information governance. His technical background has been an invaluable support in his legal work since Nick qualified as a Solicitor in 2015, demonstrated through his senior legal roles across privacy and cybersecurity law, both in top 100 UK law firms (inc. Herbert Smith Freehills and Macfarlanes) and in-house experience in well-known global corporations (inc. Fortune 200 companies, CBRE and Cognizant).

  • Managing the legal response to personal data breaches including liaising with the UK ICO and coordinating the legal response to a data breach
  • Preparation or review of various IT contracts and data privacy legal agreements
  • Legal risk assessments for businesses under UK data protection law
  • Strategic privacy guidance and support for global privacy programmes (including experience of working with international privacy laws), including privacy management using privacy tools (e.g., OneTrust)
  • Cyber security maturity assessments
  • Cyber security compliance roadmap preparation and implementation support
  • Assessor for the UK NCSC’s Cyber Essentials standard and IASME’s Cyber Assurance standard.
  • Senior Counsel, Data Privacy & Cybersecurity, Macfarlanes LLP
  • Senior Associate, Cybersecurity, Herbert Smith Freehills
  • Senior Privacy Counsel, Cognizant Inc.
  • Associate Director, Global Data Privacy Office, CBRE
  • Senior Privacy Support Counsel, Ford Motor Company

"I received guidance and support from Nick in a complex regulatory matter...he was knowledgeable, practical and supported - a trusted advisor" - Ted Sheils, Global Head of Data Sharing, Privacy & Ethics, HSBC, GB&M


"Nick helped me bring my organisation into compliance with GDPR in a short time.  He was responsive, pragmatic, and had good business sense as well as legal expertise" - Neil Salon, General Counsel, Cogito Corp.

"Nick provided support during a GDPR implementation program.  He was extremely professional, and demonstrated his expert knowledge within the field of Data Protection.  The advice provided was clear and concise, which ensured the program ran smoothly.  I would highly recommend him for any similar project or programs." - Julia Palmer, Director Privacy & Governance, Cowen Inc.

"I have worked on and off with Nick for over 7 years now.  I have the utmost faith in his abilities and advice, and have the comfort of knowing I can reliably depend on a first class service.  Plus, he's enjoyable to work with!" - Ian Molloy, Chief Financial Officer, Energy Industries Council

Frequently Asked Questions

Yes, absolutely. Our lead lawyer is Nick Soni, a qualified solicitor with a current practising certificate and years of experience in his areas of practice.

CyberStreet only use IT & data protection lawyers with years of experience in their fields.  Often you will find our lawyers have practical experience as technology professionals in their past.

We can employ solicitors to give legal advice, but we are not a traditional law firm. Our solicitors are qualified and regulated as individuals in the same way as any other solicitor. Unlike traditional law firms, however, our business itself is not regulated by the Solicitors Regulation Authority (“SRA”). Solicitors who work outside of a traditional law firm are sometimes called ‘freelance solicitors’ or ‘independent solicitors’. For some types of legal work, a client might need to use a traditional law firm (see below). For most legal advice, however, it is not always necessary for solicitors and clients to incur the full cost of a traditional law firm.

Along with our services likely being more cost effective than a traditional law firm, our legal advice is still provided by a qualified and experienced solicitor. The legal services we provide must meet the same high standards set for all solicitors. As well as benefiting from their years of study and training, using CyberStreet Law you also can feel reassured since

  • our solicitors are regulated by the SRA and comply with the high standards of ethical conduct required, including to advise you in your best interests (regardless of what is best for our business); and
  • complaints about a solicitor’s legal work can be raised with an independent Legal Ombudsman. More information can be found in our terms of business.

The SRA and the Legal Ombudsman only deal with solicitors and a solicitor’s legal work, however. Any concerns about our business as a whole, or any of our non-legal work (via CyberStreet Cyber Security or CyberStreet DPO), would be dealt with in the usual way, as for any other business.

Yes. For the type of legal work we offer, we are not required to take out ‘professional indemnity insurance’ which meets the minimum standards of cover required of traditional law firms. Nonetheless, we have purchased other professional indemnity insurance to cover our advice up to a limit of £2 million. This is so that, in the unlikely event that a solicitor makes a mistake in their work, insurance is in place to protect you. If you would like to see the policy to more fully understand the terms and exclusions or have any questions about the cover, please do let us know.

For our areas of law, we find that this business model is a great fit for clients, delivering the expertise that they need within a boutique practice without all the costs of a more traditional practice. However, we do want to be open about the differences between us and a traditional law firm so there are some details on this below.

An unregulated practice can be a great option for certain types of work such as general legal advice and legal drafting on a variety of topics including IT law contracts, data protection advice and related regulatory matters. For some other matters, clients do still need to use traditional law firms, such as:

  • suing people, being sued or making claims (including immigration work and employment related claims made by the employee) (‘Litigation’);
  • dealing with someone’s estate after they have died (‘Probate’);
  • buying and selling property, including commercial property (‘Conveyancing’); and
  • legal work which has a financial services element to it.

For most areas of law, however, this has not been necessary since late 2019.

There may also be other occasions where we feel that someone might be better off working with a traditional law firm and, if so, we will tell you. For example, the following can sometimes be particularly important:

  • The handling of client money: we cannot hold client money for you in the same way that some traditional law firms do. Client money held by traditional solicitor firms also benefits from possible access to the SRA compensation fund should a solicitor ever steal money from the client account (an extremely rare occurrence). Notwithstanding the scenario described, we do not consider this a problem for the types of work we undertake given we have no need to hold client money;
  • SRA ‘minimum terms’ professional indemnity insurance cover: this significantly limits the circumstances in which an insurer can escape liability for funding claims in the event of a mistake being made and requires a minimum amount of cover of £2 million to £3 million; and
  • Benefitting from ‘Legal Professional Privilege (LPP)’

Briefly, LPP protects certain confidential communications (and related documents) between a lawyer and the company from disclosure without the company’s permission, for example in relation to regulatory review or in court matters.

Where we act as your external counsel, there is uncertainty around whether LPP applies. The SRA will not provide guidance on the issue and considers it a matter of law. There is no such confusion where traditional law firms provide legal advice, and such protection is available. You should consider whether as a result a traditional law firm would better suit your needs.

All solicitor work is confidential, including our own. A solicitor under our unregulated model work may potentially benefit from LPP which may not otherwise be available. We would argue confidential communications between a solicitor and a client are subject LPP in this new model and believe there are good grounds for doing so.

If you use our In-House vCounsel services, where one of our solicitors is a contracted lawyer in your business (rather than providing external legal advice to your business from CyberStreet Law), this is a well-recognised scenario where LPP is available.

For the type of legal work which we do, we generally find that our clients benefit greatly from working with us as an unregulated practice. We can offer clients the reassurance of working with a qualified and experienced professional without necessarily incurring the full cost of a traditional law firm service. If you have any questions, please do not hesitate to ask.

We offer flexible and affordable packages that suit your business goals and requirements.

We believe that cybersecurity, tech law and data privacy are not separate issues, but interrelated and interdependent aspects of doing business online. That's why we offer a holistic approach that covers all three areas, from risk assessment and mitigation to legal compliance and advice, to data protection and governance.

Contact Us

If you would like to book a consultation or have any questions about our services and how they would be of benefit to you, please do not hesitate to get in touch.

Book a Consultation

General Enquiries

"*" indicates required fields

This field is for validation purposes and should be left unchanged.