Artboard 1Icon/UI/CalendarIcons/Ionic/Social/social-pinterestIcon/UI/Video-outline


Lyn Nicholson is a General Counsel in the Corporate & Commercial group of Holding Redlich with a broad wealth of corporate and commercial experience. Lyn has significant expertise advising on complex corporate transactions.


Lyn’s commercial experience has focused on intellectual property and information assets which have involved various technologies and regulatory regimes. Lyn’s experience includes developing and implementing privacy and information security policies and negotiating contracts for the exploitation of information assets. Lyn has significant experience in privacy and spam regulation.

Lyn advises on directors’ duties and a range of practical governance issues for both listed and unlisted companies.

Lyn advises clients on a range of corporate issues including: 

Data protection and privacy

  • data breach planning, investigation and response
  • responding to regulator investigations and enquiries
  • policies, procedures and playbooks for common issues
  • data security advice
  • GDPR documentation and advice
  • information governance frameworks.

Mergers and acquisitions

  • sale of business
  • restructuring, demergers and spin-offs
  • documentation for shareholder meetings to obtain approvals for significant transactions
  • joint ventures.

Corporate governance

  • advising boards on corporate governance principles and ASX Corporate Governance Council's recommendations
  • developing corporate governance policies, charters and procedures, and assisting management in practical implementation
  • auditing existing corporate governance practices and procedures and providing recommendations for improvement
  • acting as independent expert to assess regulator enforceable undertakings for ASIC and ACCC.

Regulatory compliance

  • advising and acting in regulatory investigations and complaints by the OAIC, ASIC and ACCC
  • advising on responses (written and verbal, including appearances before) government enquiries
  • Privacy Act, Spam Act  and GDPR
  • Corporations Act 2001 (Cth) and ASIC regulatory requirements
  • ASX Listing Rules
  • constituent documents.

Company secretarial

  • acting as secretary and registered office for foreign corporations
  • preparing board and committee meeting papers, notices and agendas and minutes
  • drafting notices and explanatory memorandums for shareholder meetings
  • management of shareholder meetings
  • preparing ASX announcements and ASIC notifications
  • liaising with ASIC, ASX and other regulatory bodies.


08 September 2021 - Knowledge

COVID-19 privacy principles for handling personal data

#Data & Privacy, #Technology, Media & Telecommunications, #COVID-19

Australia’s key privacy authorities have jointly issued five privacy principles to guide policymakers and businesses in a universal approach to handling personal information during the pandemic.

21 July 2021 - Knowledge

NSW Government Bulletin

#Government, #Data & Privacy

In a report released last week, the NSW Auditor-General found that Transport for NSW and Sydney Trains are not effectively managing their cyber security risks.

09 June 2021 - Knowledge

NSW Government Bulletin

#Government, #Data & Privacy

The NSW Information and Privacy Commission has identified common privacy risks across digital projects seeking funding from the Digital Restart Fund in a recent regulatory advice for state government agencies.

26 May 2021 - Knowledge

NSW Government Bulletin

#Government, #Data & Privacy

The 2021 NSW Cyber Security Strategy will see NSW become a world leader in cyber security, with government agencies tasked to lead by example in best practice and cyber resilience.

12 May 2021 - Knowledge

NSW Government Bulletin

#Government, #Data & Privacy

All NSW government agencies and departments will need to notify the Privacy Commissioner and affected individuals when a data breach is likely to result in serious harm under a new mandatory data breach notification scheme.

24 March 2021 - Knowledge

The data economy – how does it impact my business?

#Data & Privacy

In this week’s feature, we provide businesses with an overview of Australia’s data regulation and discuss how they can derive economic value from data in the digital age.

03 February 2021 - Knowledge

NSW Government Bulletin


We look at the NSW ICAC’s latest advice on developing a fraud and corruption control policy and consider why it is important for government agencies to revisit their existing fraud and corruption control framework now.

22 January 2021 - Knowledge

Manage your collaboration with care, not complacency

#Data & Privacy

The recent OAIC determination on Flight Centre’s data breach is a stark reminder on how collaboration events can quickly nosedive after a customer data leak.

11 November 2020 - Knowledge

Is Australia’s Privacy Act fit for purpose? Time to have your say

#Data & Privacy

In 2019, the Digital Platforms Inquiry foreshadowed a review of the Privacy Act to strengthen it for the modern era. That review has now been released for public consultation.

14 October 2020 - Knowledge

NSW Government Bulletin

#Government, #Data & Privacy

How is trust in NSW government? Better than you may expect according to the results from the Information and Privacy Commission’s latest community attitudes survey on data sharing, information access and agency assistance.

15 September 2020 - Knowledge

NSW Government Bulletin

#Government, #Data & Privacy

Service NSW supports small business in their COVID-19 safety plans by upgrading its app to manage visitor registrations.

02 September 2020 - Knowledge

NSW Government Bulletin


As recently reported in the tech press, tens of thousands of scanned NSW driver's licenses and other documents with additional identifying information were found on an open Amazon Web Services storage server. The documents appeared to be from September and October 2018.

31 August 2020 - Knowledge

COVID-19 identified who was essential but cyber security will determine who is critical

#Data & Privacy

The Department of Home Affairs has issued a consultation paper on critical infrastructure and systems of national significance to revisit the critical sectors in the post-pandemic world, and how to protect them.

07 July 2020 - Knowledge

The importance of a crisis-proof strategy

#Data & Privacy

The old saying “never waste a good crisis” has never been as relevant as it is now. Many organisations are facing business issues in circumstances they never expected and are needing to respond in agile ways.

03 June 2020 - Knowledge

Working from home and delegated authorities

#Corporate & Commercial Law

When there aren’t clear rules around what people are empowered to do or not to do when working outside the office, there can be adverse consequences. What can businesses do?

13 May 2020 - Knowledge

Your data questions answered

#Data & Privacy, #Technology, Media & Telecommunications

Our data & privacy team set out a comprehensive Q&A that answers common questions relating to Australia’s national privacy regulatory framework and data-related issues.

13 May 2020 - Knowledge

Virtual Governance and Risk Management Forum 2020 – regulatory efforts in response to COVID-19

#Data & Privacy, #COVID-19

We highlight key insights from the forum, including how regulatory bodies like the ASX can ensure flexibility in regulatory obligations while maintaining the integrity of the system during the pandemic.

08 May 2020 - Knowledge

Data deletion policies – do you have one?

#Data & Privacy

The Privacy Act requires that organisations take all reasonable steps to destroy or de-identify personal information when it is no longer necessary – does your organisation?