Nora Santalu

I'm an associate in the privacy and data protection team in London. I help with implementing GDPR and eprivacy law compliance projects across sectors, from financial services to life sciences.

I advise on a wide range of privacy and data protection issues, particularly on data transfers, data subject rights, internal data protection policies and eprivacy rules.

My experience includes advising on GDPR's effect on the use of blockchain technology, data anonymisation and pseudonymisation techniques, helping franchises in food and child product industries to comply with the EU and the UK data protection laws and preparing global privacy notices for multinational media and healthcare entities.

As a fluent Turkish speaker, I am also familiar with Turkish data protection law and help clients with localisation projects in Turkey.

Before joining Bird & Bird, I spent three years working in the financial services industry, where I developed my knowledge on the functioning of various payment products including virtual currencies and blockchain technology. I regularly responded to consultation texts of laws regulating financial services across the EEA and helped start-ups and challenger brands, as well as large technology organisations in their compliance programmes. My niche experience helps my clients who require a commercial and technical understanding of the fintech industry irrespective of their size.