Today's future of EU data protection law

An academic discussion on EU data protection law and practice…

Putting Privacy by Design and by Default in Practice: Unveiling the internal inconsistencies of the General Data Protection Regulation (GDPR) and propounding solutions


University of Reading

RESEARCH THAT PUSHES BOUNDARIES - The University of Reading School of Law is a dynamic learning environment with a global outlook and a focus on academic excellence.




This scheme is aimed at supporting professionals to undertake PhD research, on a part-time basis, which will both support their own career development and be of strategic importance to their employer.

Some topics of study

Philosophy of law, also called jurisprudence, branch of philosophy that investigates the nature of law, especially in its relation to human values, attitudes, practices, and political communities. (Encyclopedia Britannica).


Drones: unmanned systems becoming flying computers. Ethical, legal and regulatory considerations in the fields of Privacy and Data Protection.


What is the best approach to the application of the GDPR legal framework into existing businesses’ processes and activities?


Automated individual decision-making, including profile – Can students be subject to algorithm determinations for A-levels grades?

Talks 2021

Due to COVID-19 restrictions, my outreach activities are currently limited to online talks and webinars.

Icon image

Privacy considerations on Equal opportunities monitoring and ethnicity pay gap reporting in the UK

Equal opportunities monitoring involving the processing of ‘special categories’ of data, has been conducted in the UK mainly for the purpose of promoting and supporting diversity in the workplace under the premise of Social Justice – everyone deserves equal access to employment, training and professional development, on the solely basis of merit.

In the fields of Privacy, Data Protection and EU Law, I am ready to:

  • Plan content of lectures and tutorials.
  • Prepare and mark essays, assignments and examinations.
  • Prepare and deliver lectures, tutorials and seminars.
  • Provide academic guidance to students.
  • Conduct research and contribute to academic publications.
  • Stimulate and leading discussion amongst students.
  • Contribute to curriculum revisions and course and degree requirements.
  • Provide consultation to academic boards, councils and committees.
Virgilio Cervantes, LLB(Hons), MA, CIPP/E, F.Inst.Pa

About me


Universidade Católica Portuguesa

Certificado Curso Propedêutico Direito

The Open University

Bachelor of Laws with Honours - LL.B (Hons)

University of West London

Master of Arts (MA) International Tourism and Aviation Management

Professional Qualifications and Memberships:

Maastricht University

Professional Data Protection Officer Certification, University of Maastricht, European Centre for Privacy and Cybersecurity, Faculty of Law (ECPC-B DPO)

International Association of Privacy Professionals

Certified Information Privacy Professional/Europe


OneTrust Fellow of Privacy Technology

Institute of Paralegals

Fellow of the Institute of Paralegals

Professional Paralegal Register (PPR)

Tier 4 Member - IT Law, Data Protection and Privacy Law


University of Reading

Law PhD (init reg) PT. School of Law, Centre for Commercial Law and Financial Regulation (CCLFR)

Anthony Nolan

I am taking over the role of Data Privacy Manager for Anthony Nolan, a UK organisation that works in the areas of leukaemia and hematopoietic stem cell transplantation.


Dogs don't seem to matter much to @santanderuk. When I went to Santander Staines today to pay in some cash, the staff wouldn't let my dog in. In this day and age, this is unacceptable. They should learn from Metro Bank, which welcomes dogs by offering fresh water and treats.

@UniRDG_Law @UniRdg_PhD @GilCervantes discussed ‘Storage limitation under the UK GDPR: how long can one organisation adequately retain personal data for?’ at the ARA2021 Virtual Conference: @UniRdg_Research

ICO fined the Conservative Party £10,000 in relation to 1,190,281 direct marketing emails sent as a part of its Brexit campaign. The ICO held that the Conservative Party had not collected valid consent for 51 emails sent to the complainants in violation of the PECR.

Load More...