Paul Maynard

Paul Maynard


Email paul.maynard@​

Phone +44 20 7296 2000

Fax +44 20 7296 2001

LanguagesEnglish, German

Practice groupGlobal Regulatory

An associate in the Government Regulatory group, Paul Maynard works in the Privacy and Cybersecurity team at Hogan Lovells. He assists clients in the rapidly-changing regulatory landscape, and has experience of advising clients on internal compliance programmes, large-scale contractual negotiations, and cybersecurity breach management across a variety of industry sectors, including online retail, consumer, food and drink, technology, pharmaceuticals, travel, financial services, and automation. In particular, he advises on compliance with privacy rules related to online advertising and advertising technology.

Paul has worked on a variety of aspects of compliance, in particular the EU General Data Protection Regulation, direct marketing and cookies obligations under e-Privacy laws, and the Investigatory Powers Act. Among other things, he has advised on global GDPR compliance projects for multiple clients, including drafting policies and procedures to assist with compliance and building those into day-to-day business practices. This included auditing compliance with the requirements of the GDPR, reviewing and redrafting notices and consent wording to ensure compliance, conducting data protection impact assessments, and defended clients in relation to complaints and concerns from regulators.

Beyond GDPR compliance projects, he has negotiated large-scale data processing and sharing agreements, provided detailed advice on the scope and business implications of individuals' rights over their personal data, supported client teams in their management of global cybersecurity breaches, and drafted applications for Binding Corporate Rules to be submitted for approval with data protection authorities.

Education and admissions


M.Phil., University of Cambridge, 2012

B.A., University of Cambridge, 2011

Representative experience

Led the Hogan Lovells team advising a global online retailer on all aspects of their GDPR compliance programme, including a virtual secondment.

Assisted multinational clients in professional services, online retail and human resources sectors with Binding Corporate Rules applications.

Advised a global manufacturer on the management of a cybersecurity incident affecting their services worldwide.

Acted for multiple consumer-facing organsiations in relation to requests from the UK Information Commissioner's Office about their direct marketing practices.

Advised a US medical device company on the data protection implications of directly selling their product in the EU for the first time and negotiating relevant contracts.

Loading data