Francesca Blythe

Further experience includes advising:

Life Sciences:

• A healthcare technology company on the collection and re-use of data related to clinical trials and the formation of a data lake for scientific research purposes.
• A leading medical device manufacturer on cybersecurity breach response, including breach remediation and notices to individuals and regulators and advising on GDPR project implementation.
• A biotechnology company on the international transfer of personal data including, in response to Schrems II.
• A leading medical device manufacturer on cybersecurity breach response affecting large numbers of individuals in Europe, the U.S. and the Middle East, including breach remediation and notices to individuals and regulators and advising on GDPR project implementation.

Francesca also assists with dplegal (“data privacy” legal), a networking group of in-house lawyers in life sciences companies examining international data protection issues.

Financial Services and Payments:

• One of the world's leading investment banks regarding the impact of Brexit on its current EU data privacy and future GDPR compliance and the associated development of policies and procedures.
• A global (re)insurer on EU data protection issues including specific requirements under the GDPR, the implications of Brexit, responding to data subject and regulator requests, potential fines under the GDPR and international transfers.
• A global real estate investment advisor on compliance with the GDPR including the review, development and implementation of numerous policies and procedures on a multi-jurisdictional level.
• A US payments company on the application of the GDPR to its processing activities.

Technology, Manufacturing and Retail:

• A global manufacturing company on issues arising following a business-wide cybersecurity incident including, requirements around responding to regulators and subsequent remediation activities.
• A large public manufacturing company on global privacy and data protection compliance, cybersecurity readiness and response, and novel questions of data analytics and de-identification.
• A global online direct sales company on data protection issues in the EU including GDPR project implementation and advising on global data transfer solutions including, in response to Schrems II.
• A multinational ad-tech company on its GDPR compliance activities including, as it relates to the cross-border sharing of data.

Transactions:

• Great Hill Partners in connection with its acquisition of Notonthehighstreet, a UK curated online marketplace.
• Arthur J. Gallagher & Co. on its US$3.57 billion acquisition of Willis Towers Watson Assets.
• KKR on its investment in Feedzai, a leading cloud-based financial risk management platform.
• Great Hill Partners in connection with its investment in BigChange, the leading mobile workforce management technology company for the service and transport sectors.
• Cubic Corporation in its acquisition by Veritas Capital and Evergreen Coast Capital for an enterprise value of US$2.8 billion.
• Regal Beloit Corporation in its US$9.1 billion combination with the Process & Motion Control (PMC) Business of Rexnord Corporation.
• KKR on its participation in a US$530 million funding round in Wolt, a leading European food delivery business based in Finland.
• Arvelle Therapeutics, a Swiss-based biopharmaceutical company, on its sale to Angelini Pharma for a total cash consideration of up to US$960 million.
• Quest Software, a global systems management, data protection, and security software provider, in the acquisition of Erwin, Inc.
• Summit Partners on its €50 million investment in Solactive AG, a technology-enabled provider of indices and index solutions to the global financial services industry.
• GIC in connection with a US$1 billion investment in Convex Group, led by GIC and Onex Partners.
• KKR on its acquisition of Argenta, a leading animal pharmaceutical research and manufacturing company.
• Massachusetts Mutual Life Insurance Company on its acquisition of a shareholding in Rothesay Life.
• KKR on its investment in Zwift.
• H.I.G. Capital and Vernacare on the acquisition of Infection Prevention.
• KKR on its investment and follow-on investment in music platform Artlist.
• Goldman Sachs on its investment in tech platform LumApps.
• GHO Capital Partners LLP on its acquisition of Ardena.
• One of the world's leading investment banks regarding the impact of Brexit on its current EU data privacy and GDPR compliance and the associated development of policies and procedures.
• Goldman Sachs Private Capital on its investment in DocPlanner Group, a healthcare booking platform provider with operations in 15 countries.
• eBay Inc. on its acquisition of Motors.co.uk from Cox Automotive Relation Solutions.
• A global e-commerce company on dealing with an international data security breach.
• A global manufacturing company with a global data protection project, including implementation of Binding Corporate Rules.
• A global mobile marketing platform on governance protocols and privacy issues relating to Big Data, including in the context of the GDPR.

• Women in Privacy, an international networking group for women data protection and privacy professionals 
• IAPP (International Association of Privacy Professionals)