Skip to main content

Andrew is a partner specialising in all aspects of data protection, freedom of information and privacy work including data protection audits, data security incidents, cross-border data transfers, outsourcing arrangements, subject access requests, direct marketing and general data protection and FOIA compliance. 

He also advises on general commercial law including in relation to outsourcing, information technology, ecommerce and consumer law matters.

Andrew is a lecturer on the PDP data protection practitioner's course. He also advises the Interactive Media in Retail Group (the UK's online retail association) on data protection and ecommerce matters. He is a member of the Society for Computers and the Law and regularly contributes articles to academic and trade publications.



  • an international retailer on the use of Microsoft cloud services including data protection cross-border compliance issues.
  • a national organisation with a high profile brand in relation to a major data security incident that placed our client at risk of significant brand damage and financial costs.
  • an international telecommunications company on the data protection and privacy issues relating to its outsourcing of an email platform for its customers.
  • a national organisation on a data protection audit of key contracts with suppliers and customers (with an estimated contract value of over £1bn). 
  • the Interactive Media in Retail Group (the UK's online retail association) on guidance for members and responses to consultations on new legislation including:

          - a guidance note for IMRG members on the cookies law
          - responses to the Ministry of Justice call for evidence on the EU Data Protection Regulation proposals
          - providing content for the IMRG UK Passport which provides information to retailers on the UK and EU regulations relating to ecommerce.


Contact Andrew Kimble

Please contact Andrew Kimble for any enquiries you may have using the options below.