Artboard 1Icon/UI/CalendarIcons/Ionic/Social/social-pinterestIcon/UI/Video-outline


Lyn Nicholson is a General Counsel in the Corporate & Commercial group of Holding Redlich with a broad wealth of corporate and commercial experience. Lyn has significant expertise advising on complex corporate transactions.

Lyn has been listed in The Best Lawyers in Australia guide as a leading lawyer for Privacy and Data Security Law since 2023 and she has been recognised as a thought leader in the Mondaq Thought Leadership Awards for Australia for Autumn 2021 in Intellectual Property and Spring 2022 for Data Protection.


Lyn’s commercial experience has focused on intellectual property and information assets which have involved various technologies and regulatory regimes. Lyn’s experience includes developing and implementing privacy and information security policies and negotiating contracts for the exploitation of information assets. Lyn has significant experience in privacy and spam regulation.

Lyn advises on directors’ duties and a range of practical governance issues for both listed and unlisted companies.

Lyn advises clients on a range of corporate issues including: 

Data protection and privacy

  • data breach planning, investigation and response
  • responding to regulator investigations and enquiries
  • policies, procedures and playbooks for common issues
  • data security advice
  • GDPR documentation and advice
  • information governance frameworks.

Mergers and acquisitions

  • sale of business
  • restructuring, demergers and spin-offs
  • documentation for shareholder meetings to obtain approvals for significant transactions
  • joint ventures.

Corporate governance

  • advising boards on corporate governance principles and ASX Corporate Governance Council's recommendations
  • developing corporate governance policies, charters and procedures, and assisting management in practical implementation
  • auditing existing corporate governance practices and procedures and providing recommendations for improvement
  • acting as independent expert to assess regulator enforceable undertakings for ASIC and ACCC.

Regulatory compliance

  • advising and acting in regulatory investigations and complaints by the OAIC, ASIC and ACCC
  • advising on responses (written and verbal, including appearances before) government enquiries
  • Privacy Act, Spam Act  and GDPR
  • Corporations Act 2001 (Cth) and ASIC regulatory requirements
  • ASX Listing Rules
  • constituent documents.

Company secretarial

  • acting as secretary and registered office for foreign corporations
  • preparing board and committee meeting papers, notices and agendas and minutes
  • drafting notices and explanatory memorandums for shareholder meetings
  • management of shareholder meetings
  • preparing ASX announcements and ASIC notifications
  • liaising with ASIC, ASX and other regulatory bodies.


11 April 2024 - Knowledge

Eyewear retailer should have taken a closer look at their marketing settings

#Corporate & Commercial Law, #Data & Privacy

We look at recent action taken by ACMA against eyewear retailer Luxottica for breaching Australian Spam laws and highlight simple errors businesses should be aware of to avoid large fines.

02 April 2024 - Knowledge

Australian Governance Summit: Key takeaways

#Corporate & Commercial Law

General Counsel Lyn Nicholson shares some of her key takeaways from the recent Australian Institute of Company Directors Australian Governance Summit.

05 March 2024 - Knowledge

I’ve been hacked – what are my legal obligations?

#Data & Privacy

When crisis strikes and a myriad of tasks jostle for priority, mandated messaging to regulators, key suppliers and customers remains an ongoing obligation.

13 February 2024 - Knowledge

Time to revisit your marketing settings? Recent penalties for breaching Spam law

#Data & Privacy, #Corporate & Commercial Law

A business that sent over 83,000 marketing messages was fined $302,500 for breaches in the Spam Act 2003. What are the key takeaways and lessons to be learnt?

24 January 2024 - Knowledge

NSW Government Bulletin summer edition: The more things change

#Government, #Data & Privacy, #Property, Planning & Development, #Workplace Relations & Safety

At the beginning of a new year of challenges, we refresh key concepts and skills to arm government lawyers for the year ahead.

22 November 2023 - Knowledge

ASIC sets out basic practices for companies to manage cyber security

#Data & Privacy

ASIC's new report sets baseline expectations for companies around cyber security, making it a must-read for boards and senior management. The report comes as Government releases national Cyber Security Strategy.

18 October 2023 - Knowledge

Privacy law changes – now is the time to prepare

#Data & Privacy

The Federal Government’s response to the Privacy Act Review Report confirms changes that will affect organisations’ data practices. Now is the time to prepare.

29 March 2023 - Knowledge

Handling whistleblower investigations: Latest tips from ASIC

#Corporate & Commercial Law, #Workplace Relations & Safety

Regulated entities are encouraged to review their existing whistleblower program following the release of ASIC’s new guidance on how to handle whistleblower disclosures and investigations.

30 November 2022 - Knowledge

Privacy Commissioner calls out implications of the Optus and Medibank data breaches

#Data & Privacy

Recent breaches have spawned new higher penalties being legislated and the Privacy Commissioner declaring a “wakeup call” has been issued.

04 October 2022 - Knowledge

Optus data breach: Lessons for CEOs, Legal Counsel and Chief Risk Officers

#Data & Privacy

Beyond the cyber and privacy issues, there are broader governance and risk lessons that can be learned from the recent Optus data breach. We deep dive into three key areas that require C-suite attention – current risk processes and assessments, regulatory risk estimation and lessons from the past.

04 October 2022 - Knowledge

Automated decision-making: The importance of human oversight and transparency

#Data & Privacy

The use of automated systems and artificial intelligence is on the rise. We look at some common pitfalls and lessons for businesses and governments when implementing automated decision-making.

24 August 2022 - Knowledge

Director Identification Number applications (for long-term directors) close 30 November 2022

#Corporate & Commercial Law

Applications for existing directors close in three months, and individuals intending to become new directors cannot be appointed until they apply. We set out the application requirements and how to prepare.

17 August 2022 - Knowledge

NSW Government Bulletin

#Government, #Data & Privacy

In this edition, we remind government agencies that the use of automated decision-making tools need to be balanced against transparency and explainability requirements.