We advised a major grocery retail chain on a wide range of GDPR compliance matters, covering both day-to-day operations and more strategic data protection issues across its national store network and online platforms.
As a large data controller handling millions of customer interactions every day, the client operates in a complex setting involving loyalty programs, CCTV, employee data, e-commerce, and direct marketing. Ensuring GDPR compliance across physical stores, digital tools, and supplier networks was key for managing regulatory risk and keeping customer trust.
We provided guidance on a broad range of data protection topics, helping the client address both practical and strategic needs. We acted as the client’s external GDPR advisor, closely collaborating with their legal, marketing, HR, and IT teams. Our role included:
- Giving practical legal advice that matched the business reality
- Creating standard templates and internal policies to support consistent compliance
- Helping handle incidents and customer complaints
- Running internal training sessions to build the team’s knowledge and confidence
Our support helped the client improve its GDPR compliance and day-to-day data practices, strengthening its position as a trusted and responsible retailer. It also helped lay the groundwork for future digital growth, including the compliant rollout of new e-commerce, loyalty, and data analytics projects.

