Being able to respond effectively to subject access requests (SARs) can be challenging, especially when they are complex requests from current or former employees.

Exterro 03.08 Handling tricky employee SAR


Tuesday 3rd August

Event Timings:

  • BST: 11am - 12pm
  • CEST: 12pm - 1pm


Often, SARs require handling a wide range of (often sensitive) data from all across the enterprise, perhaps even from different physical locations and IT systems across disperse geographical locations.

Whether it’s wading through the review process of tens or hundreds of thousands of emails, baring the (painful) cost of external counsel, or working with IT to ensure you have all the personal data you need from the various, tricky to collect/legacy/remote data sources, employee SARs can be an extremely challenging exercise to fulfil.

Join Exterro and industry experts on this webinar panel to discuss key considerations when responding to employee SARs and how technology can help fulfil complex requests. Notable points of discussion will include:

  • DSAR portal – managing the end-to-end DSAR lifecycle
  • Data discovery – have we collected all the data?
  • Document review – early data assessment to reduce volume (before collection) and optimise review process (including auto-redaction)


Meet the Speakers:

Stuart Davidson

Senior Director of International Marketing, Exterro

Stuart Davidson is the Senior Director of International Marketing at Exterro. Exterro empowers legal teams to proactively and defensibly manage their complex Legal Governance, Risk and Compliance (Legal GRC) requirements. We are the only software provider offering a comprehensive Legal GRC software platform that automates the complex interactions of privacy, legal operations, digital investigations and cybersecurity response, compliance and information governance.

Thousands of legal teams around the world within corporations, law firms, and government and law enforcement agencies, trust our integrated Legal GRC platform to manage their risks and drive successful outcomes at a lower cost.

Robert Grosvenor

Managing Director, Alvarez and Marsal

Robert brings over 20 years of experience advising on global and cross border privacy, secrecy, records management and related data regulation requirements. With deep European regulatory and legal knowledge, Robert has developed strategic programs and led international compliance projects for major organisations across the financial services, life sciences, technology, media and retail/manufacturing sectors including GDPR readiness and BCR implementations. Robert’s areas of expertise include the compliant management of data in major digital transformation and data strategy initiatives. These initiatives include digital ethics and the impact of AI, ePrivacy including AdTech and IoT, blockchain, big data analytics, and cloud migrations.

Prior to joining A&M, Robert was a Managing Director at Promontory, an IBM Company, for nine years where he led the Global Privacy and Data Protection practice that specialises in international privacy and data protection compliance and risk management. Prior to establishing the practice in 2011, Robert also had a 13 year career with Deloitte, where he worked both in London and Brussels.

Marie Bradley

Operational Compliance Officer and DPO, By Miles

Marie focuses on Information Security, GDPR and operational process improvements through a risk-based approach, examining what the business needs and how these can be best supported by the existing culture, infrastructure, client needs, compliance and most importantly, the people. Marie is also a highly experienced Business Analyst and has written and taught Business Analysis courses, including those accredited by the BCS. Throughout her career, Marie has advised on data protection for marketing solutions, gaining formal certification as an ISO 27001 Lead Implementer, and has ran the GDPR programme for her former agency, Tribal Worldwide.