The GDPR is a highly complex piece of legislation, and all businesses are required by law to prove their compliance with it. Many are unable to, however, and risk losing major contracts when they cannot provide appropriate due diligence documentation, or risk enforcement action such as significant fines from the ICO in the event of an avoidable data breach.

A specialist GDPR consultant from Privacy Helper could address all these issues without delay – therefore protecting your business from the pitfalls of non-compliance. Our experienced privacy team are able to recognise the greatest processing risks to your business – and can implement practical and effective solutions to address these challenges – no matter how large or small your business is.

What to look for in a consultant

The market is full of people claiming to be “GDPR consultants” – so what should you look for when engaging one? We look at several key features of a skilled GDPR consultant.

  • They have a distinct area of specialism – i.e. legal, marketing, technical. The Privacy Helper Team is made up of several consultants with their own areas of specialism, but with some degree of cross-over. One single consultant cannot “do” GDPR, however.

  • They have many years’ experience in their specialist field – but have adapted to privacy in recent years.

  • They have an in-depth knowledge of both the GDPR and the Data Protection Act 2018 – and can interpret the demands of these when speaking to business owners.

  • They have a professional qualification. Our experienced consultants either have recognised European Privacy qualifications or are studying for them.

This is why you can be confident of trusting Privacy Helper with your compliance programme – we only engage with the most experienced, skilled consultants so we can be sure of delivering the best, most professional service to our clients.

Contact us NOW to find out how our consultants can help your business navigate its GDPR compliance programme. Our experienced privacy consultants make even the most challenging privacy legislation easy to implement across your business:

GAP analysis

We conduct the most detailed GAP analysis. Leaving no stone unturned in our first audit of your business, we identify the processing activities in your business that fail to meet the demands of the GDPR.

From your client base, to your supply chain and wider business partners, all parties that your business shares personal data with are examined for their compliance with the legislation. In the instances where you are the data controller – and therefore liable by law – we explain the risk, the implications and how to address these.

Where you are the processor, we explain your alternative obligations in relation to your client or business associate, the data controller.

At the end of our GAP analysis, we provide you with a report detailing your processing activities split by department – and colour-coded Red, Amber, Green to highlight the critical risks through to the non-critical.

We deliver an Executive Summary for the Board to understand perfectly where their true business exposure lies – and how this can be addressed via an efficient and professional, yet affordable strategy.

Remediation

After we have completed and delivered our detailed GAP Analysis, our consultancy team will begin work on the remediation.

Every company needs some degree of remediation and our experts have the skills to implement this without delay, prioritising by your greatest risks – whether this be your outbound marketing activity, your data transfer mechanisms, your data storage capabilities, or contractual failings.

Our Privacy Team will establish a working project plan for you – which will demonstrate to external parties (including the ICO, if required) that you have committed to a GDPR compliance programme to ensure your organisation embraces a “privacy by design” culture.

GDPR strategy implementation

Our experienced GDPR consultants will build a tailored privacy strategy for your organisation – bespoke to you, and the challenges you face.  This roadmap will recognise that GDPR is both a procedural project and one requiring cultural change – privacy must be embraced from the Post Room to the Board Room.

Projects will include:

  • Assessing the legality of your data transfer mechanisms – both domestically and cross-border.

  • Reviewing your data sharing contracts to ensure adequate data protection clauses are in place to reflect Controller to Controller, Controller to Processor and Processor to Sub-Processor relationships.

  • Data Mapping – a full and clear understanding of the personal data flows into, around and out of your business is essential to complete your Records of Processing Activity (ROPA), under Article 30 of the GDPR. This may sound a daunting task, but our consultants are experienced in approaching this in a logical way, allowing the business to be mapped out.

  • Conducting DPIAs – where new or upgraded systems are being implemented, you are required by law to carry out a data privacy impact assessment to understand the potential risk to individuals posed by the new technology. Any risks will need to be addressed before the system goes live – and the consultant working with you will guide you through this.

  • Drafting privacy notices, policies and documents that truly reflect the processing activities of your business. Under the GDPR, accountability is a key data protection principle and one of your greatest challenges will be to interpret your processing activities into these respective documents. Thankfully, our privacy consultants are experienced in policy writing and can handle this for you.

  • Information Security – weak or inadequate data security measures to protect your personal data at rest will make it easy for hackers or other persons to gain unauthorised access to the personal data held by the business. With IT compromises being a major cause of data breaches, our IT specialists will ensure your systems offer an appropriate level of protection, based on the type of data held.

  • Staff training – a significant proportion of data breaches are caused by staff who have received little or no data protection training. While we don’t expect your staff to become instant GDPR experts, basic regular training sessions relevant to their role in the business can help prevent careless errors in the way personal data is handled. The Privacy Helper team boasts specialist GDPR trainers who can provide regular, scheduled data protection training across your business – both new starters and top-up sessions. Invest in your staff and they will protect you from avoidable data breaches that could lead to the ICO investigating.

How much will it cost?

If you engage us to provide guidance to your business, you will find that our pricing structure, like our ethos, is simple, straightforward and highly competitive – there are no “day rates”; you only pay for the time we work!

We charge an hourly rate of £125 per consultant, irrespective of the task or engagement. This is highly competitive compared to other London GDPR consultancy services – why pay more for GDPR compliance, if you still have access to the experts?

When on site, our working day is 9am – 5pm. For site visits, reasonable subsistence expenses are charged; however, these are all agreed by you in advance. On large-scale projects, where our Global Privacy Consultants are engaged, fees are £1,250 + VAT.

Our hourly rates mean you only pay for EXACTLY the time we need for the task – our hours are recorded on timesheets, so we are fully accountable for time vs tasks!

New Clients
If you are a new client, we require 50% of the engagement invoice to be paid at the time of booking, with the remainder (plus any expenses) due within 48 hours of the completed project being delivered. 

We hope this gives clients the confidence to engage with us – proving that we’re committed to providing you with a first-class, professional data protection service and one that you will be confident to tell your business network about.

Existing Clients
We believe in making it easy for our clients to work with us long-term, without needing to sign off each project – this can be a strain on administration and internal resources.

By signing off a batch of days or hours, these can be drawn upon by the team when required.  At the end of each month, we raise an invoice based on the tasks worked on, using your main PO as a reference.

Get in touch today to speak to our specialist consultants and let us take the worry out of your GDPR programme – it could be the best call you make today to give your business the confidence it needs to tackle this obstacle. 

 

 

Why choose us?

Click here to find out why we are the UK’s #1 privacy consultancy.

 

How much will this cost?

Our pricing structure is simple, straightforward and highly competitive. Head over to our pricing page and take a look at our most popular packages.

 

What next?

Get in touch via our contact us page, tell us about your business and a member of our team will get back to you.

 

Other services you may be interested in from PRIVACYHELPER

 Training

An effective, demonstrable training programme can be the difference between the ICO imposing monetary fines – or not, even if your data privacy programme has just started.


 DPO services

We offer DPO packages to suit your business needs – from a basic advisory service for smaller businesses to integrating ourselves within the operation of larger businesses.


 Marketing

Is your marketing activity legal? We can make sure it is.
