Legal Guidance and Research / Experts / Tughan Thuraisingam
Tughan Thuraisingam#8178
LinkedIn External

Tughan Thuraisingam

DWF LLP
Tughan has extensive experience in supporting clients with large-scale privacy compliance programmes and post-acquisition privacy alignment projects. He enjoys working closely with innovation and technology teams to embed privacy into the operations of a client's business. 
 
Prior to DWF, Tughan worked in the legal services business in a Big 4 accountancy firm. He spent over two years on secondment to one of the world's largest global payments technology companies. Through his in-house experience, Tughan has developed substantial expertise in providing pragmatic and commercially focused solutions to the more complex issues faced by clients in this area.
 
Tughan is part of the Data Protection Finance Group ('DPFG') leadership team. The DPFG is a communication network of over 400 lawyers and privacy professionals across the financial services sector.

Practice Area

Panel

  • Contributing Author

Qualified Year

  • 2016

Experience

  • Charles Russell Speechlys LLP (Aug 2011 - Nov 2014)
  • PwC UK (Nov 2014 - May 2020)

Membership

  • Leadership Team Member of the Data Protection Finance Group
  • Member of the International Association of Privacy Professionals

Qualification

  • Qualified Solicitor admitted in England and Wales (2016)

Education

  • University of Southampton (LLM) (2009–2010)
  • University of Southampton (LLB) (2006–2009)

1 Contributions by Tughan Thuraisingam

UK GDPR representative appointment and notification clauses for controller–processor (supplier–customer) agreements — pro-controller and pro-processor options
PRECEDENTS
UK GDPR representative appointment and notification clauses for controller–processor (supplier–customer) agreements — pro-controller and pro-processor options
Note These provisions are prepared on the basis that the applicable contract is a business-to-business arrangement, with the supplier acting as processor for a customer in the role of controller, in relation to the processing of personal data governed by the United Kingdom General Data Protection Regulation (UK GDPR), Assimilated Regulation (EU) 2016/679. The terms ‘supplier’ and ‘customer’ (in place of ‘processor’ and ‘controller’) are used to simplify incorporation into commercial contracts. The drafting also relies on the additional defined terms ‘Agreement’, ‘Business Day’, ‘Customer’, ‘Data Protection Laws’, ‘Data Subject’, ‘GDPR’ and ‘Supplier’, which are assumed to be defined appropriately elsewhere in the relevant agreement. It is further assumed that ‘GDPR’ refers to UK GDPR and that ‘Data Protection Laws’ includes UK GDPR. These provisions can also be adapted for circumstances where the EU General Data Protection Regulation (EU GDPR), Regulation (EU) 2016/679, applies... 1 Definition (to be incorporated into relevant part of the agreement) 1.1 Representative •...
Information Law
Expert page AD
If you expected to see yourself on this page, click here.