Eleanor Dodding

ELEANOR DODDING advises international clients on a wide range of data protection, privacy, and cybersecurity matters, including advising on compliance with both the EU and UK General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and ePrivacy legislative frameworks, such as the EU ePrivacy Directive and the UK Privacy and Electronic Communications Regulations (PECR), alongside new EU and UK AI, digital data, and cyber laws.

She advises clients in a range of industries, with a particular focus on those in the life sciences, asset management and private equity, insurance, retail, payments, and technology sectors.

Eleanor’s recent experience in assisting clients in matters involving privacy, cybersecurity, regulatory, and enforcement issues includes:

• Managing GDPR compliance projects for global clients with multiple entities, including those in the financial services, professional services, life sciences, media, and retail industries.
• Advising a technology client on EU telecoms and electronic communications issues, with a particular focus on product counselling.
• Ongoing counselling of a healthcare client with respect to its negotiation of clinical trial agreements with institutions and sponsors at a global level and related privacy and healthcare-compliance issues.
• Assisting clients with preparing for, and responding to, cybersecurity incidents and personal data breaches.
• Advising clients on issues associated with international data transfers (including compliance with Schrems II and the EU-U.S. Data Privacy Framework).
• Assisting with privacy and data security due diligence in connection with corporate transactions (e.g., M&A transactions).
• Advising clients on the EU’s package of new artificial intelligence and digital data legislation, including the EU AI Act and the European Health Data Space, as well as the EU’s cyber reforms, including the NISD2 and DORA, together with emerging UK privacy and digital data laws, including the Data Protection and Digital Information Bill.
• Developing external- and internal-facing policies, procedures, and notices to facilitate compliant data collection and handling, including privacy notices, data privacy policies, cybersecurity, and privacy risk assessments.

Eleanor is recommended by Legal 500 UK in 2023 and 2026 for Data Protection, Privacy and Cybersecurity.  

Prior to Sidley, Eleanor trained as a solicitor at another international law firm, where she gained experience in the corporate, commercial, and litigation practices.

In recent years, Eleanor has advised:

• Life360 on the EU data privacy and cybersecurity aspects of its acquisition of Nativo, a leading advertising technology company.
• Bilkul Football in the data protection aspects of its acquisition of West Bromwich Albion Football Club.
• Pictet Alternative Advisors in its Acquisition of Pareto FM.
• IDEX Corporation on the EU/UK data protection considerations in its definitive agreement to acquire micro-precision technology manufacturing company Muon B.V. and its subsidiaries from Rivean Capital for a cash consideration of €700 million.
• Partners Group, a leading global private markets firm, on expanding the shareholder base of International Schools Partnership, a leading international group of K-12 schools.
• Salesforce on its US$1.33 billion acquisition of Vlocity, Inc, a leading provider of industry-specific cloud and mobile software. 
• TowerBrook Capital Partners on its investment in GBA Group, a provider of end-to-end vehicle logistics services to the global automotive and shipping industries.

• London Pro Bono Committee
• Women in Privacy, an international networking group for women data protection and privacy professionals