Rocio de la Cruz Principal Associate


Speaks:  English, Spanish


Primary office:  Birmingham


Areas of expertise:



Rocio de la Cruz

Rocio is a European data protection lawyer who helps clients to minimise risks to their businesses in matters concerning Privacy, Information and Data Protection Law. She has broad international experience in Data Protection, e-Commerce and Information Law applied to both the private and public sectors.

Rocio works on complex projects where she is able to lead and undertake data protection audits and privacy impact assessments; negotiate and draft data processing agreements, data sharing protocols, binding corporate rules, policies, guidelines and privacy notices. She also assesses the implementation of measures needed in order to meet the data protection standards in a global market and help clients to deal with subject access, freedom of information, environmental information requests and complaints to the ICO.

Rocio’s multijurisdictional knowledge on implementation of different data protection regimes, along with the General Data Protection Regulation (GDPR),means she is well-placed to advise clients on the implementation and/or transitional arrangements in time for 25 May 2018. She also has reviewed and written articles related to GDPR in practice and the new UK Data Protection Bill and speaking at relevant European cybersecurity and data protection summits, amongst other events.

Rocio's experience includes:

  • Carrying out Data Protection Audits
  • Assisting clients with Data Mapping exercises
  • Drafting data privacy policies, guidelines and statements
  • Drafting and negotiating data sharing agreements data transfer agreements and other arrangements required under the data protection legislation.
  • Training board of directors and staff on Data Protection and Freedom of Information issues
  • Producing tailored checklist to help clients to carry out self-assessments where applicable
  • Assisting clients with data subject requests and freedom of information requests
  • Drafting data privacy policies, guidelines and statements.

She is also incredibly innovative, and clients define her as "a geek-privacy lawyer with a strategic and passionate vision", "a very engaging speaker – her down to earth, relaxed delivery made the principles very memorable.", and "Really inspirational".

Career & Recognition

Filter timeline:
  • 2016

    • Career
      2016
      Gowling WLG (UK), principal associate
  • 2015

    • Career
      2015
      Birmingham City Council, privacy and information law solicitor
  • 2013

    • Career
      2013
      Global Actio Abogados, founder
  • 2005

    • Career
      2005
      Sole Practitioner, lawyer

Insights & Resources