HOW CAN WE HELP YOUR ORGANISATION BECOME GDPR COMPLIANT?

As qualified GDPR Consultants, we can help and advise organisations on what GDPR could mean for your business or organisation.

If you are just starting we can provide a GDPR Gap Analysis and then continue with ongoing support until achieving full GDPR Compliance with a set of GDPR Documents.

GDPR requires a person to oversee the implementation and review of all the processes and procedures within an organisation and if you don’t have such a person within your organisation, we can provide an external DPO (Data Protection Office) as a service.

GDPR is not a one-off process but needs to be monitored, reviewed and maintained and by providing an independent GDPR Audit of your systems, we can help you achieve this.

How does GDPR affect your organisation?

GDPR limits how an organisation can process personal information.
GDPR increases a Data Subject’s rights over the usage and processing of their personal information.
GDPR enhances Data Protection and Cyber Security.

Why should organisations care about GDPR?

Reason 1 – From 25th May 2018, it became a legal requirement for all UK organisations to be compliant with GDPR.

Reason 2 – The penalty for breached, leaked, deleted or compromised personal information could be greatly reduced if the organisation has taken appropriate measures to comply with GDPR.

“If ‘Personal Data’ which could result in the risk to the rights and freedoms of a natural living person is breached, leaked, deleted or compromised after May 25th 2018, the organisation will be obliged to notify the Information Commissioners Office (ICO) within 72 Hours and also those affected as soon as possible. The ICO will then issue a penalty to that organisation which is effective, proportionate and dissuasive and could be anything up to 17.5 Million Pounds or 4% of their total worldwide annual turnover of the preceding financial year, whichever is higher. “
GDPR Articles 33 & 83

Reason 3 – Data Breaches can greatly impact the organisation’s public reputation. (TalkTalk lost over 100,000 customers as the result of their Data breach in 2015).

To comply, organisations will need to identify all the “Personal Information” that they hold, to ensure that they have, or can obtain, explicit consent to continue using it or have some other legal right to do so. They should also enhance the security and protection around the way they process information, to ensure that they are fully GDPR compliant. See what Elizabeth Denham, the former Information Commissioner at the ICO says about GDPR

The Complete Guide to UK-GDPR – eBook

This guide delivers a Step-by-Step process to achieving compliance with GDPR with the focus on the UK-GDPR.

From the Introduction which gives the overview of what GDPR is about, on through the 24 steps; this guide, provides you with all the information you require to achieve GDPR Compliance.

It is structured around the advice recommended by the UK Supervisory Authority, the Information Commissioner’s Office (ICO) for GDPR Compliance and then because it is a PDF, includes hyperlinks to the relevant clauses in the GDPR documents and finishes with the recommendations delivered to multiple organisations by our Qualified GDPR Consultant to help them achieve GDPR compliance.

Following the steps in this guide, will enable you to complete your GDPR Gap Analysis and achieve GDPR Compliance without spending thousands on GDPR Consultants. Even if you do still want to use a consultant the guide will help with your understanding of what is involved in GDPR.

Price = £19.95 (Special Offer was £49.95)

Find out more and download a sample

Find out about our ready to use GDPR Policy Templates

Contact Us

If you would like more information on how we can help your organisation with its GDPR Compliance, then feel free to contact us:

Phone: +44 (0) 330 165 8900

“From a personal perspective, in today’s world of “Big Data “, GDPR should be celebrated for what it is: an initiative that gives back to each one of us control over who, how and what any organisation can do with our personal information. With its focus on data security, it will also significantly reduce the potential of your personal data being compromised.”

For organisations, GDPR means that strict new enforceable limits and controls are put in place over how information belonging to UK and EU citizens can be processed. To comply with GDPR, new policies, procedures and potentially extra security may need to be put in place, and failure to do so could result in huge GDPR fines.

GDPR IS NOT A ONE-OFF PROCESS BUT NEEDS TO BE MONITORED, REVIEWED AND MAINTAINED AND BY PROVIDING AN INDEPENDENT “GDPR AUDIT”, WE CAN HELP YOU ACHIEVE THIS.

5 Steps Towards GDPR Compliance

If you would like more guidance and resources to help your business or organisation you can download our guide: 5 Steps Towards GDPR Compliance

Click to Download

Our services

What can GDPR Advisor’s consultancy service help you with?

As qualified GDPR consultants, we can assist with the steps involved in becoming GDPR compliant.

READINESS ASSESSMENT

We can carry out the “Readiness Assessment” with you, which will identify your processes and evaluate your IT security. We will then provide a report detailing the things which need exploring and amending for GDPR compliance.

FIND OUT MORE

GDPR COMPLIANCE

We offer assistance in:-
The development of compliant processes; “Data Protection Impact Assessments”; Documenting processes and policies; Establishing third-party agreements with external organisations.

FIND OUT MORE

STAFF TRAINING

A key part of an effective GDPR Strategy is training staff about the risks and dangers in today’s global society. With our online training programs, your staff will quickly get up to speed with what they need to know.

FIND OUT MORE

IT SECURITY

We can deliver the security controls for computers, notebooks, tablets and mobiles; an essential part of preventing data breaches. With our portfolio of leading-edge security technology, we can provide the protection to keep your data safe.

FIND OUT MORE

GDPR PRESENTATION

This 90-minute presentation is designed specifically for directors and senior managers and will fast-track their understanding of GDPR and its obligations.

This presentation has been received and appreciated by multiple boards around the country. It is delivered on your premises, minimising the time wasted by busy people having to travel.

CONTACT US FOR MORE INFORMATION

GDPR POLICIES AND PROCEDURES

To enable organisations to achieve GDPR compliance easily, we have worked with a legal practice in the Thames Valley to create document templates for the Policies, Procedures and Registers that organisations will require for GDPR compliance.

FIND OUT MORE

GAP ANALYSIS SERVICE

Our GDPR Consultant sits down with you to help explore all the areas that your organisation uses, processes or shares personal information of Europeans.

We then create a GDPR Gap Analysis Report for you and return to deliver the report with a series of simple steps for your organisation to achieve GDPR compliance.

FIND OUT MORE

CYBER ESSENTIALS PACKAGES

The UK Government introduced the Cyber Essentials Audit procedure in 2012 to help small to medium size organisations verify their Cyber Security.

As part of the GDPR due diligence and GDPR Audit Trail of what you have done to comply with the regulation, we recommend that all organisations carry out at least the basic “Cyber Essentials (Do it yourself) to certify their Data Security.

FIND OUT MORE

GDPR Support UK

We specialise in providing support in these areas but can provide support anywhere in the UK:

BUCKINGHAMSHIRE

Amersham
High Wycombe
Chesham
Amersham
Aylesbury
Beaconsfield
Bletchley
Fenny Stratford
Buckingham
Chesham
Gerrards Cross
High Wycombe
Marlow
Milton Keynes
Newport Pagnell
Olney
Princes Risborough
Stony Stratford
Wendover
Winslow
Woburn Sands
Wolverton

OXFORDSHIRE

Abingdon
Banbury
Bicester
Burford
Carterton
Charlbury
Chinnor
Chipping Norton
Didcot
Faringdon
Henley-on-Thames
Islip
Kidlington
Oxford
Thame
Wallingford
Wantage
Watlington
Witney
Woodstock

BERKSHIRE

Bracknell
Maidenhead
Newbury
Reading
Slough
Windsor
Wokingham

HERTFORDSHIRE

Baldock
Berkhamsted
Bishop’s Stortford
Borehamwood
Broxbourne
Bushey
Cheshunt
Chorleywood
Croxley Green
Elstree
Harpenden
Hatfield
Hemel Hempstead
Hertford
Hitchin
Hoddesdon
Letchworth
Potters Bar
Radlett
Rickmansworth
Royston
Sawbridgeworth
South Oxhey
St Albans
Stevenage
Tring
Waltham Cross
Ware
Watford
Welwyn Garden City

LONDON

Central London
City
Hayes
Hounslow
Kingston upon Thames
Richmond
Staines upon Thames
Twickenham
West London

What About GDPR Post-Brexit & DPA 2018?

TGDPR is the EU Legislation- General Data Protection Regulation (GDPR) launched in 2018. With effect from 1st Jan 2021 the UK now operates under the UK-GDPR which is based on the “UK Data Protection Act – 2018” and incorporates all of the GDPR protections but applies it to persons in the UK with the legal requirement to protect “Personal Information” wherever it is held in the world.

But organisations that rely on the transfers of personal data between the UK and the European Economic Area (EEA), will be affected in that they may need to appoint an Agent to represent them for GDPR in the main European country that they trade.

Personal information is able to flow freely between organisations in the UK and European Union without any specific measures. That’s because we have had a common set of rules – the GDPR.

What is the UK’s data relationship with the EU/EEA now?

On 28 June 2021, the EU Commission published two adequacy decisions in respect of the UK:
‍
one for transfers under the EU GDPR;
and the other for transfers under the Law Enforcement Directive (LED).

The ICO has publish recommendations on what these decisions involve.
‍
The UK Government has agreed that UK Organisations can continue to transfer Personal Data from the UK to EEA countries without any restrictions, including to countries that the EU have already made adequacy decisions about which includes Andorra, Argentina, Canada (commercial organisations), Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Switzerland and Uruguay.
‍
Having left the EU, the UK is now free to make its own adequate decision and has already done so regarding Japan, such that the UK Personal Data can now freely be transferred to Japan.

“US Privacy Shield” is Dead!!!

On the 16th July 2020 the European Court of Justice decided that the “US Privacy Shield” was no longer adequate.

In essence, they decided that US National Security law does not protect the personal data of EU citizens. Much of the problem was due to the US’s own surveillance laws, which allow government snooping and is not limited as in European law ‘to what is strictly necessary. The European Court did validate the use of Standard Contractual Clauses (SCCs), saying that this mechanism does make it possible in practice to ensure compliance with the level of protection required by EU law.

Use SCCs on all none EEA data transfers

The ICO website provides information about International Transfers and provides links to create a contract incorporating “Standard Contractual Clauses” (SCC’s) to make it possible to ensure compliance with the level of Personal Data protection required by EU/UK law.
‍
In June 2021 the EU launches new Standard Contractual Clauses.