Skip to main content
Joanna de Fonseka

Joanna de FonsekaLegal Director

Download vCard

I am a Legal Director in Lewis Silkin's Data, Privacy & Cyber team, where I advise leading multinational organisations across a range of industries on data, privacy and cyber issues.

I assist clients with a wide variety of privacy compliance matters including general compliance strategy, audits and assessments; online advertising, direct marketing and cookies; data sharing and data processing arrangements; privacy policy/privacy notice reviews; international data transfers; and privacy-related aspects of new technologies, products and services. In addition, I regularly assist clients with contentious data and privacy work, including data breaches, data subject requests and complaints, and regulatory investigations.

I also hold the IAPP CIPP/E data protection certification, and regularly speak at events and conferences on data and privacy issues.  

I advise clients on a broad range of data, privacy and cyber matters. Recent experience includes:

  • Leading GDPR/UK GDPR compliance projects for clients in a wide variety of industries (including consumer goods and retail, technology, financial services and healthcare), including conducting compliance assessments and advising on recommended implementation steps;
  • Drafting, negotiating and advising on data protection provisions in a variety of commercial agreements and advising on controller/processor roles;
  • Providing strategic advice on international data transfers, including standard contractual clauses and transfer impact assessments;
  • Advising on the data protection implications of Brexit, for example in relation to lead supervisory authority designations and DPO appointments;
  • Advising on data protection compliance in the context of online advertising and adtech solutions;
  • Advising on direct marketing and cookie compliance;
  • Assisting clients with responding to data subject complaints and requests, including subject access, erasure and direct marketing opt-outs, as well as data subject compensation claims;
  • Advising on data protection issues in the context of M&A transactions, including due diligence and negotiation of data protection terms;
  • Advising on data security breaches and incident response;
  • Advising a large multinational organisation on a major regulatory investigation.

Awards & Recognition

  • Chambers 2024 (Data Protection & Information Law) - "Joanna de Fonseka is very knowledgeable in privacy and data protection. She provides pragmatic business guidance."
Back To Top