DATA PROTECTION CONSULTING
Keeping you on the right side of Data Protection law
The Data Protection Act 2018 created new and complex requirements for companies processing the personal data of their staff and their customers. New legislation such as the Data Protection and Digital Information (DPDI) Act will introduce additional requirements affecting all businesses and legislation from other countries including Japan, South Korea, Japan and China may affect how you treat the Personal Data of their citizens.
We deliver compliance services to keep you legal with Data Protection legislation, avoiding financial penalties from the Information Commissioner’s Office and the reputational damage you could suffer from you customers’ lack of trust in how you process their Personal Data.
Data Protection Assessments
In our three-stage process, we get under the hood of your business, checking your IT infrastructure and your processes for managing Personal Data and deliver a confidential, detailed report on how compliant your business is against Data Protection law. Our report also gives you a list of recommendations (tailored to your business) to improve your compliance level.
Data Protection compliance
We deliver the critical work you need to make you compliant with existing and forthcoming Data Protection legislation. We have experience in delivering services such as staff training, new processes and contractual agreements and can do the same for you. Whatever we deliver, we promise that we put you at the heart of our work, giving you a service that is bespoke and not a ‘boiler plate’ copy from elsewhere.
Virtual Data Protection Officer
If you want the benefits of a Data Protection Officer but do not want the expense of a full-time employee, we can supply a Virtual DPO service (vDPO), where you only pay for the time we are with you. When we are with you, we provide typical Data Protection Officer services, whether attending management meetings, risk reporting or answering ad-hoc queries. This is a cost-effective and flexible solution.
Foreign Data Protection Services
Countries such as Japan, Brazil and Canada have their own laws to protect their citizens’ Personal Data – meaning that if you have overseas clients, you might need to be compliant with their laws too. We understand the obligations of foreign Data Protection legislation, whether it is Dubai’s Federal Decree Law No. 45 or Japan’s APPI and can help you manage the risks you face when trading overseas.
Records of Processing Activities
Under UK law, your company might need to produce Records of Processing Activities (ROPA), listing the Personal Data you process and how you process it. These ROPA help you remain transparent with your customers about their Personal Data but few people have the time or skills to produce these records. We have delivered ROPA for clients in sectors as diverse as travel and clothing and can help you too.