Zero-fuss GDPR compliance

Fast-track bespoke solutions from the UK’s #1 privacy consultancy


The fast-track process

So, how does our service work?

The GDPR applies to every organisation in the UK that handles or processes personal data.

 

Off-site pre-assessment
We learn everything about your business and process during an initial off-site assessment.


Department one-to-ones
We hold meetings with department heads to discuss personal data used in their team.


Senior team
Walk-about with a senior staff member to understand the “office floor privacy culture”.


Off-site reporting
We complete a detailed report of our findings in traffic light format – with an Executive Summary.


Roadmap
A Roadmap to compliance will be delivered with our report.

 

What we offer

We’re one of the UK’s leading privacy consulting teams, providing guidance to more than 160 firms.

 DPO services

We offer DPO packages to suit your business needs – from a basic advisory service for smaller businesses to integrating ourselves within the operation of larger businesses.


 GDPR Consultancy

Our Privacy Team consists of expert data protection consultants in the fields of IT & Technical, Legal, Records Management and Marketing.


 Global support

Our Privacy Team can support organisations in the US and around the world, whatever data protection challenges you face.


 Data Penetration Simulation

Our IT & technical specialists can advise on penetration testing, security measures, data transfer mechanisms, back-up provisions and more.


 Training

An effective, demonstrable training programme can be the difference between the ICO taking enforcement action – or not, even if your data privacy programme has just started.


 Marketing

Does your marketing comply with the Privacy and Electronic Communication Regulation, 2003 (PECR)? We can make sure it does!


 Legal services

Our legal experts can draft data protection addendums into supplier contracts and advise on international data transfers affected by Brexit and Schrems II.


 Mergers

If you are looking to buy, or invest in, a business, then you have a responsibility to conduct the appropriate due diligence.



Zero-fuss GDPR compliance from the UK’s best


What is GDPR and how does it affect my business?


What is GDPR?

The GDPR (General Data Protection Regulation) is the EU’s data protection framework - enforceable since 25th May 2018.


Non compliance cost

Non-compliance with the GDPR brings the prospect of fines of up to €20m, or 4% of global company turnover. Hundreds of fines have been imposed by Supervisory Authorities in the EU and UK to date.


How data breaches happen

A data breach is defined as any accidental or unlawful destruction, loss, alteration, or access to personal data. Once a breach is identified, you have 72 hours to investigate.


Marketing within the law

Unlike other areas of your business, marketing is regulated by separate legislation – the Privacy and Electronic Communication Regulation, 2003 (PECR).

 

Business processes

Internal data protection training is vital – employees who understand data protection for their roles are your greatest asset to remain compliant… or identify areas of non-compliance.


Data mapping

To understand the types of personal data held in each area of your business (and your right to hold it), Article 30 of the GDPR requires you to conduct a data mapping exercise.

 

 FAQs

Don’t see the answer to your question? Click here to ask one of our specialist team.

  • General Data Protection Regulation

  • It came into force across the EU 25th May, 2018

  • It affects any business or organisation that processes and holds personal data of individuals residing in the EU.

    No matter what your size, if you have a website, clients, suppliers, or employees, then you will hold personal data… so the GDPR applies to you.

  • Personal data is any information that relates to an identifiable living person. Names, email addresses, telephone numbers and even cookies from websites fall into this category.

  • Sensitive data, or “special category” data refers to data that uniquely identifies a person – this could include genetic and biometric data (ie, fingerprints), sexual health data, race and ethnicity information.

  • The UK refers to the Data Protection Act 2018 and the GDPR together. While the GDPR is the main document for reference, there are certain instances where the DPA2018 takes precedence – such as matters of national security. When the UK leaves the EU, the DPA2018 will become our sole data protection framework – and is the law, not a choice.

    Further details: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2018/12/data-protection-and-brexit-ico-advice-for-organisations/

  • While there are a few exemptions, most businesses that process personal data must register with the ICO. Failure to do so can lead to a fine.

  • Fines are now tiered, depending on the severity of your failure to comply. The maximum fine is 4% of global turnover, or €20m, whichever is greater. Less severe violations can receive a fine of 2% of global turnover, or €10m.

  • If you are a public authority, or your main business focus involves the large-scale processing of data, or special categories of data, then you may be required by law to appoint a DPO.

  • No – but you must keep an internal record of all data breaches. If the breach is unlikely to result in a serious risk to the rights and freedoms of the individuals, then the breach should be reported to the ICO within 72 hours of being discovered – and the individuals affected without undue delay.

  • A data breach is any unauthorised or illegal destruction, loss, alteration, or access to personal data. That may include sending an email to the wrong person, or losing your laptop, mobile phone or USB stick!

What will it cost?

As with our ethos, our pricing structure is simple, straightforward and highly competitive – you only pay for the time we work! Here are some of our popular services and packages.

 

 Monthly GDPR Support from only £125.00


Access to our privacy specialists whenever you need it – whatever the question or query may be. Run your business in confidence knowing you are GDPR compliant.


 GDPR GAP Analysis packages - Bronze, Silver & Gold. From £115 per hour.


We offer GAP Analysis and Remediation Packages to suit your risk appetite and budget. This ensures the gaps in your compliance are addressed in a timely manner.


 Monthly Outsourced DPO Service from only £500 per month


If your business needs a Data Protection Officer, we can provide a specialist resource and full access to the full Privacy Team if required.



Testimonials

SwiftComm

 The Privacy Helper Team have been instrumental in helping us to understand our obligations as data controllers – from conducting our initial GDPR GAP Analysis back in 2018, to responding to data subject queries as they have arisen. The team are clearly passionate about data protection and we’ll be relying on their expertise to further support our growth – we can’t recommend them highly enough. 

Jonathan Mack Managing Director

Typessa

 Excellent service. I needed a privacy notice and Andy was very helpful and created a personalised notice for my new business. Would highly recommend. 

Vanessa Garcia Company Owner / Founder

PMDSC

 We work hard to comply with the GDPR, and we needed a specialist that we could contact to ask random questions on the subject – and the GDPR Support Service offered by Privacy Helper was a perfect fit. The Privacy Team know our business model, so are able to respond swiftly to our questions – and in a way the business can interpret. We would have no hesitation in recommending this Support Service to other small companies keen to embrace data protection. 

Paul Midson Managing Director

Bedfordshire Chamber of Commerce

 We were delighted to have Andy Chesterman of Privacy Helper host a recent webinar for us on ‘Marketing Compliantly’. Andy’s knowledge and insight of the subject is invaluable and is relevant for all businesses big and small. 

Paula Devine Head of Membership & Global Services

We also have lots of fantastic Google Reviews