Our consultancy service gives expert advice about UK and EU data protection laws and best practice.

We offer a bespoke service to suit your particular requirements and flexible fees.

We can help you with compliance, risk management, data security breaches and to get ready for the GDPR.

The General Data Protection Regulation (GDPR) came into effect on 25 May 2018. The GDPR introduced fundamental changes, including the potential for businesses to be fined €20 million or up to 4% of their turnover for serious violations of the GDPR.

The GDPR provides more protections for individuals, and more privacy considerations for businesses. Fundamentally, it puts an onus on all businesses to change their entire ethos to data protection which means that, as the Information Commissioner has said “this one’s a game changer for everyone”.

In practice, there is no ‘one-size-fits-all’ GDPR solution, and the amount of work required will vary depending on a number of factors, including:

  • The extent to which you are compliant with the data protection laws currently in force and how sophisticated your business is with respect to data protection.
  • How much personal data you process and for which purposes, and how much of that is ‘special category’ (sensitive) personal data.
  • Whether you are, primarily, a ‘data processor’ or a ‘data controller’.
  • What policies and procedures you already have in place and how you. document your data processing practices.
  • How straightforward your data processing activities are.
  • Whether you export personal data outside of the EEA.

To help you check your compliance, we have devised a simple but effective GDPR 5-Step Plan:

Step 1: Raise awareness

Step 2: Take stock and gather information

Step 3: Pause, review, and assess

Step 4: Implement change

Step 5: Follow up with our VDPO Service.

Find out more

Tel: 0330-088-2256