Nathan Combes


I qualified as a lawyer in 2002 after graduating from Sheffield University. I specialise in employment law and data protection and act for a wide range of businesses, organisations and individuals from across Yorkshire and beyond. I am a member of the Employment Lawyer's Association and I'm also a ILM accredited trainer (more on this later).

I am often asked to advise in relation to employment related disputes and grievances and act for both employers and individuals. My advice covers handling  diciplinary and grievance related matters, negotiating settlement agreements and dealing with Employment Tribunal cases involving allegations of discrimination, whistleblowing, breach of contract and unfair dismissal. My approach is pragamatic and outcome driven and I work closely with my clients in order to obtain the best possible outcome for them.  

I also assist employers to handle their day-to day HR related issues and can offer a fixed fee annual retainer service which provides 24/7 HR and employment related support, advice and guidance. Other key areas of work include drafting contracts of employment, executive service agreements and company handbooks and I am also regularly asked to advise businesses and organisations on TUPE related issues including various employment related issues that will often arise on the acquisition or sale of a business and/or in outsourcing scenarios where employees are transferring between one employer and another.  

The data protection work that I do is varied and wide-ranging. I have a particular interest in privacy notices, subject access requests and data breaches and I have also assisted numerous businesses and organisations to develop their own internal data protection policies and procedures in order to ensure that they are fully compliant with data protection law and minimise the risk of potentially costly fines.  

Alongside the legal advice that I provide, I am also regularly asked by employers and organisations to deliver in-house employment, HR and/or data protection related training to their staff. I'm a strong believer that when it comes to dealing with compliance and legal issues that prevention is always better than the cure and that effective training can significantly reudce the risk of claims. The training that I provide is designed to be fun and inter-active, with lots of practical real-life examples and case studies, all of which are aimedat ensuring that delegates are able to put the knowledge and insights that they gain to immediate practical use.  

Prior to joining Legal Studio I worked for several of Yorkshire's leading law firms as a Senior Associate and Partner/Head of Employment Law. I enjoy the flexibility that working for Legal Studio provides and it is refreshing to be working in an environment where the client genuinely comes first.  

Specialist Areas of Interest


Nathan's Latest Blogs

New ICO guidance published on the time limits for responding to data subject access requests (DSARs).

The ICO’s revised guidance confirms that where a data controller asks the individual making the subject access request for additional information in order to enable them to deal with the request effectively the one-month time period for compliance will no longer be paused until after the controller receives the requested information. The amended guidance also confirms that the extended timescale for responding to complex or multiple DSARs will similarly also no longer be paused.

These changes mean that the new timescale for responding to subject access requests will run from the date that the DSAR is received or, if later, the date on which proof of an individual’s identification has been received. This constitutes an important change from the previous position which stated that the time period for compliance would be paused until the controller was in receipt of any additional information that had been sought from the individual.

The ICO’s revised Right of Access guidance confirms that where additional information is requested from the data subject by the controller, to enable it to properly respond to a subject access request, then:

“…..this does not affect the timescale for responding – you must still respond to their request within one month. You may be able to extend the time limit by two months if the request is complex or the individual has made a number of requests”.

Controllers will likely be concerned that any delay on the data subject’s part in providing any additional information that has reasonably been requested will have an adverse impact upon their ability to provide all of the necessary data within the required timescale. For this reason, the use of subject access request forms may become more common as controllers take steps to try and limit the impact of the ICO’s changes by encouraging data subjects to provide relevant information at the same time that the subject access request is submitted.

Please contact us if you’d like more information about the issues raised in this article and/or or to find out more about the various legal services that we provide.
2020 23 28
Nathan Combes