Contact us
T: +44 (0)845 257 9449
F: +44 (0) 207 000 1269
E: info@excellolaw.co.uk
Join Us
OUR LAWYERS

Wayne Cleghorn

Partner in Technology, Data Protection, Privacy, Cybersecurity and Artificial Intelligence

+44 (0) 845 257 9449
Contact Wayne

Contact Wayne

  • This field is hidden when viewing the form
  • This field is for validation purposes and should be left unchanged.

Wayne Cleghorn is an experienced and specialist Senior Technology Lawyer focusing on data protection, global data privacy, data breach response, and new technology governance, including artificial intelligence. He engages effectively with clients, identifies the key issues, gives practical advice, and offers unique insights because of his diverse experience. His advice and guidance are always risk-based, pragmatic, and commercially astute.

Wayne’s practice includes advising UK, European, US, and international data protection programmes, leading data protection audits, drafting data privacy policies, updating GDPR procedures and documentation. His work includes responding to large data breaches, including ransomware, strategically responding to complex subject access requests, advising on regulator investigations, and helping organisations respond effectively to regulators and enforcement measures. He also drafts commercial contracts, negotiates data processing agreements, and arranges international data transfers via Standard Contractual Clauses, Binding Corporate Rules, and other tools. He has advised a wide range of sectors, including financial services, fintech, technology, manufacturing, retail, ecommerce, health, biotechnology, universities, and government bodies.

Wayne has worked in private practice, in-house, as a government lawyer, and a Management Consultant. He is also a certified Project Manager and a Lead Data Protection Officer (DPO).

Wayne's Experience

Led the work programme at a Fortune 500 US Silicon Valley global cloud services provider to review and update GDPR Privacy by Design policy and procedures, Data Protection Impact Assessments (DPIAs), Privacy Impacts Assessments (PIAs) and Privacy Risk Registers of over 100 infrastructure, hardware, software products and digital services. 

Provided statutory Data Protection Officer services to a UK Central Government Department and Non-Departmental bodies for a big data project with 15 parties and income of £20 billion to combine trade, transport, security and private sector data.  

Advised Nasdaqlisted DutchUS biotechnology and pharmaceutical company on UK postBrexit data protection, UK supply chain reviews and improve US data transfer practices. 

Advised UK based Application developers to launch a global education App by imbedding UK ICO’s Appropriate Design Childrens’ Code, drafted Terms and Conditions, Data Protection Policy, GDPR FAQ, UX data minimisation and set user consent protocols.  

Helped a UK and European retail bank and fintech to increase its data science, big data analytics and debt-risk intelligence data capabilities. Included data brokers and credit reference agency contracts, negotiations, risk analysis and artificial intelligence services.

Responded to a major health data ransomware attack by Black Basta (linked to the Conti and REvil groups) that required recording and breach response under GDPR, California law, 25 US states and the US Health Insurance Portability and Accountability Act (HIPAA).

Led a project to assess, limit and remediate the EU and US insurance and healthcare supply chain effects of Australia’s Medibank data breach in 2022 

2007

Keen interest in travel, photography and gospel music. Always seeking opportunities to develop French language skills.  

Certified Prince 2 Project Manager

Member of the International Association of Privacy Professionals (IAPP), with certifications:  FIP (Fellow), CIPP/E (Europe), CIPP/US (United States) and CIPT (Technology) 

Professional Member of the BCS, the Chartered Institute for IT – MBCS 

Understanding Europe’s Big Six Data Protection Regulators (PrivacySolved Insights) 

https://www.privacysolved.com/understanding-europes-big-six-data-protection-regulators/  

 

International Data Transfers: New UK Standard Contractual Clauses (PrivacySolved Insights) 

https://www.privacysolved.com/international-data-transfers-new-uk-standard-contractual-clauses/  

 

The Ransomware Problem: Five Steps to Success (PrivacySolved Insights) 

https://www.privacysolved.com/the-ransomware-problem-five-steps-to-success/  

 

Testimonials

“I appreciate your dedication to improving our global privacy programme. Please know that we will continue to make progress on this plan and our overall programme.”   

Vice President & Chief Privacy Officer, Fortune 500 Technology Company 

Thank you for the hard work on this. We appreciate the assistance and collaboration (and advice) we have received over the course of this process. Thanks a lot, on behalf of our team!”       

Director, Cloud Solutions Architecture, Global Cloud Services Company 

“Thanks for your willingness to continue supporting our Group. It was a pleasure.”                  

Group Executive Committee Member & Group General Counsel, Global Consulting, Technology and Digital Company  

Wayne's Updates