Add a bookmark to get started

Alexa Smith

Legal Director

Alexa Smith has broad experience in privacy compliance for a number of global and national clients as well as the NHS and other public bodies. Alexa undertakes a wide range of data protection, e-commerce, cyber security and direct marketing work including advising clients on how to manage privacy risk on a global basis.

She brings 10 years’ in-depth regulatory in house experience, having previously worked for Aviva, a leading UK insurer, where latterly she worked on implementation of its GDPR programme. Alexa therefore has first hand familiarity of the practical issues faced by in house counsel in understanding the many operational and commercial drivers at play when managing legal risk in a business.

Alexa helps to coordinate DLA Piper’s What In-house Lawyers Need (WIN) setup in Leeds which facilitates knowledge sharing and networking among the regional in house community.

Professional QualificationsSolicitor of the Senior Courts of England and Wales


  • Advising a multinational insurance company on implementation of its GDPR programme (both commercial and customer facing aspects), including review of digital journeys, drafting GDPR-compliant policies, stakeholder engagement and training. She also assisted in successfully lobbying via industry bodies in relation to the UK Data Protection Bill to take account of processing special category data in an insurance context.
  • Advising a leading global advisory and broking firm on implementation of its global compliance programme and advising on the privacy aspects of a material outsourcing arrangement with an IT service provider.
  • Advising the Information governance team at NHS Digital on the effective regulation of data sharing arrangements to support lawful processing of patient identifiable data within NHS systems and services.
  • Advising Birmingham City Council on its data sharing arrangement and transparency in connection with certain outsourced services.
  • Advising a global security services firm in the acquisition of EU entities and implementation of its GDPR compliance programme with extensive support on development of privacy policies, notices and procedures.
  • Advising Europe’s leading home security business on compliance strategies for the marketing, placement and operation of CCTV and related alarm system in domestic homes and integration of the new Arlo system into their product pipeline.
  • Advising a global leader in medical waste management, patient communication services and shredding services to provide extensive support and advice on its GDPR compliance programme, including in depth advice on governance and accountability frameworks, global marketing advice and drafting and socialising policies and procedures.
  • Advising a leading villa holidays operator by carrying out a comprehensive GDPR compliance review.
  • Advising a leading leisure airline and holiday business on all aspects of privacy compliance and cyber risk management since their inception in 2003.
  • Advising a copyright licensing and publisher services business on various aspects of its GDPR compliance including privacy notices, retention and record-keeping.
  • University of Liverpool, Law LLB, First class honours, 2001-2004
  • College of Law, LPC, 2004-2005