Toni Vitale


Gateley Legal

  • London
  • m: 07980 961 589


Toni assists clients on a wide range of data protection, privacy and cyber security issues, including regulatory and compliance investigations, data monetisation and data breaches and is based in the London office. He advises on GDPR, e-privacy, PECR, net neutrality, RIPA, reputation management and data security. He has consulted with CEOP, the Home Office and NTAC and given evidence to a Joint Committee of Parliament on the Data Communications Bill.

Toni has over 30 years’ experience of international data protection laws and technology transactions. He has over 15 years’ in-house experience, which enables him to offer practical, commercially focused solutions in what is often a technical and complex area. 

After starting his career in private practice, Toni held a number of in-house positions as General Counsel, Head of Legal and Company Secretary at IBM (where he was EMEA Data Privacy Counsel), Virgin Media, YouView TV and BGL Group (owners of and Global Privacy Counsel at Willis Towers Watson. 

He has assisted clients in emergency data breach situations, developed global policies, implemented effective international data transfer strategies, negotiated cloud and other complex international data transfer agreements, and defended dozens of regulator investigations and enforcement actions (including criminal prosecutions).

Toni also has substantial technology, media and commercial experience including app terms and digital e-commerce transactions.


  1. Binding Corporate Rules applications on behalf of Rolls Royce and Tate & Lyle.
  2. GDPR compliance advice to AIG, Argos, Aviva, Barclays, BAT, British Airways, Britvic, Canary Wharf, Chelsea & West Bromwich, Church of England, Clydesdale, Crowe, Diageo, HSBC, JD Sports, Lloyds, Marsh, Mathys & Squire, Moneysupermarket, National Grid, Primark, PZ Cussons, RBS, Royal Mail, Sainsbury’s Bank, Sainsbury’s, Skipton, Ted Baker, The Co-operative, and Thomas Cook. 
  3. Cyber security breach advice to multiple clients including implementing response plans and dealing with the aftermath of hacking and denial of service attacks including liaising with the police and media.
  4. Rollout of Meerkat Movies (2for1 cinema tickets) including competitions and promotions advice.
  5. Implementing GDPR compliance programmes for several clients.

Forward thinking insight

Direct to your email inbox

Subscribe now