We will work with you to understand
the needs of your organisation before embarking on any work with you. We also provide a variety of services to suit your companies requirements. These range
from audits to training programs and
A complete compliance
project would entail an initial consultation to discuss the measures which your company already has in place (if any) and for us to gain an overview of the types of data which your company holds and the purposes for which it holds such data.
You may wish to conduct
an audit to assist with the compilation of your register of data processing activities. Alternatively, you may wish to conduct an initial, high level review.
We have many years experience in conducting in-depth audits and high level reviews for a variety of clients and can assist you with this task.
GDPR requires privacy impact assessments to be carried out
for new data processing activities which meet certain criteria. The results of these assessments need to be recorded and kept by companies, possibly for inspection by a data protection authority.
If you are relying on legitimate interests, you will be required now under GDPR to carry out a legitimate impact assessment. Again this will need to be maintained within your data protection compliance records.
Data Controllers or Data Processor?
It is important to establish whether a party is a data controller or data processor as different GDPR provisions will apply. This is often a challenging question and one that we have much experience of.
If you need help with this question we can assist you including advising on the appropriate contractual provisions.
We can assist you with drafting your privacy policies, data protection contract provisions, responses to rights requests including subject access requests.
Subject Access Requests
If you are unsure about what exactly you need to provide in response to a subject access request (SAR) and the associated timelines, we can help.
Opt in, opt out, consent?
If you are finding the marketing opt
in and opt out rules challenging, we have plenty of experience advising
on this matter.
We can also assist with question about third party marketing and cookies.
Did you know that you can no longer rely upon the Privacy Shield for transfers of personal data to the USA? Are you preparing for the effect of Brexit on your data transfers? We can help with all of your data transfer questions.
We tailor make our courses to suit the specific issues which arise within your company and to the duration which you consider most appropriate for the audience.
All of our training courses include participation exercises so that knowledge learned can be applied
and tested throughout.