Administrative support, regulatory filings, paperwork and data subject communication.

DSAR, DPIA, RDP, DC, policies, procedures - the introduction of the GDPR brings a significant increase in your compliance workload. This means creating and maintaining policies and procedures; keeping records of the data you process - including why you do it. You have to demonstrate privacy by design, monitor your suppliers and constantly consider how your processing may impact the privacy of your data subjects including staff and customers.

Ask yourself

  • Do you have the time to keep all your paperwork up to date?

  • Are you resourced to deal with all your data subject enquiries?

  • What should you put in a Data Protection Impact Assessment, and when is one required?

  • Will you maintain your records of data processing and data catalogues yourselves?

  • Are you registered correctly with the ICO and any other relevant regulator?

  • Are your privacy policies comprehensive, and are they updated as your processing changes and the law evolves?

  • Do you have enough resource and expertise to manage a data breach?

Ask yourself

We can help

Our assisted compliance service builds on the advice and guidance available from our helpline.

We help you achieve compliance, then maintain it. Our experts will work with you to refine procedures and policies, complete your regulatory paperwork and support you in dealing with regulators and partners. We’ll also assist you in your communication with data subjects to address their concerns and handle their enquiries including subject access requests.

Data protection
Data protection

GDPR compliance including the completion of DPIAs, records of data processing, data catalogues and other regulatory paperwork; liaison with the regulator; management of staff and external data subject enquiries and subject access request process.

Cybersecurity
Cyber-security

Threat and risk assessment; supplier and technology selection; breach response; handling staff queries including phishing emails, fraud and penetration attempts; policy and procedure development and drafting assistance.

Governance
Governance

Advice on the management of IT and information security; tendering and supplier selection; supplier compliance monitoring; whistleblowing helpline; trustee and non-executive queries.

Certification
Certification

ISO27001:2013 and CyberEssentials support including help with non-conformities and advice on audit preparation; PCI-DSS SAQ completion and help with policy and procedure drafting.

How it works

We start by understanding your business and processes. This includes a fixed-price audit visit and a report detailing any actions you need to become compliant.  

Once your records and processes are in place, we’ll help you remain up-to-date. You pay a fixed monthly fee to cover the routine work and deal with the expected level of data subject enquiries, and get a discount on our standard rates for any extra work you may need as your organisation grows and changes.

We're available to your staff, business partners and the regulator to handle their enquiries on your behalf. 

How it works

What else do you get?

You also get inclusive access to our helpline so you can call us for advice whenever you need to.

All assisted compliance customers get a discount on other work including document licences, on-site visits and training. You also receive our monthly update newsletter with analysis of changes in regulation and compliance, tips for improving your security and - if you’ve licensed our policy framework - suggested updates to policies and procedures.

What else do you get?

Next steps

Fill out our contact form and one of our privacy professionals will get in touch. Once we can meet in person again, we promise to bring biscuits.

Contact us