GDPR Ready

GDPR ready as quickly and as painlessly as possible

Are you GDPR ready?

It may seem like an easy or straightforward question, but are you ready for GDPR?

Most businesses will say “yes”, but is that true? – and how can you prove that? One of the key principles of GDPR is being accountable and demonstrating your preparations to date.

It’s not until a client asks, or a tender opportunity comes along and asks if you are GDPR ready that you give it proper thought – and that’s when our privacy specialists are on hand to reassure you on your compliance efforts or show you areas you need to improve on to be “ready”.

Call us today and we will show you how “ready” you are – and provide you with an independent report confirming your efforts so far.

Our report could be the key to you winning that contract…

How do we determine you are “ready”?

Privacy is an ongoing effort, so it is difficult to draw a line in the sand and tell a company they are “ready”.  However, our data protection experts are able to quickly identify areas of your business that require attention to demonstrate you have taken all reasonable steps – and we follow a procedure to achieve this.

Conduct a data audit across your business
Learn what personal data you have in the business and where it is. If this has already been done, then we will review the findings of your audit and look to see what remediation efforts have been implemented. This will be key to understanding how ready you really are.

Individuals Rights’
Ensure your business is able to recognise a data subject request and know how to administer this within the appropriate timescales.  Failure to administer these on time constitutes an immediate failure of the legislation, so they are easy areas to slip up.

Staff training
Regularly scheduled staff training sessions are essential to ensure a privacy culture is maintained at all levels of the business. The ICO has recently stated training is a critical element of a privacy culture.

Establish a legal basis to hold the personal data
You need a legal basis to hold any data in the business. If you’ve not considered this, how can you determine you have a right to hold any personal data?

Conduct appropriate due diligence on your supply chain
A non-compliant supply chain can render you non-compliant by default. As a data controller, you are liable for the conduct of your supply chain – be responsible and ensure they are acting appropriately.

Breach Procedures
Do you have specific procedures in place to identify and recognise a data breach when it happens? Do you know the definition of a data breach and the conditions in which you need to report it to the Information Commissioners’ Office?

Data Protection Officer
Some businesses are required by law to have a DPO provision. Do you fall into this category? This role must be assigned carefully within the business – otherwise, it could be a conflict of interests.

Transparency of Processing
Ensure all your policies and procedures reflect the processing activities of the business. Transparency is a prime element of GDPR – and an essential area to cover.

Data Privacy Impact Assessments (DPIAs)
Assessments to gauge the risk to personnel posed by new processing activities. These are a legal requirement in many instances.

Data Transfers
Does the business transfer data outside the EEA? Where to and, is this transfer detailed in your data sharing agreements?

Our specialists can provide whatever guidance you may need in relation to this project – whether that be hands-on, or remote support.

How much will it cost to be GDPR “ready”?

This depends on the size of your business, the complexity of your processing activities and your preparations to date.

Without knowing specific detail on your business, it’s impossible to know, but our fees for our specialist privacy team are competitive at £175 per hour for one-off project, reduced to £150 per hour when part of a wider engagement.

Being “GDPR ready” is a challenging scenario and one that many companies (wrongly) claim, to their detriment when engaging with new clients or prospects.

Professional guidance from our privacy specialists will put you ahead of these companies, giving you the confidence to reassure your clients and prospects that your GDPR preparations are progressing and you are able to demonstrate a maturing level of compliance – you are “ready” as you can be at this stage.

Just remember – our privacy team is on hand to support your business growth.


As with our ethos, our pricing structure is simple, straightforward and highly competitive – we offer fixed-price options.

Audit Only

For companies that will action the output of the Gap Analysis themselves or via a third-party

£175 per hour

(Budget 3 hours per Department/Work Area)

No contract commitment
Single fixed price

  • Basic Gap Analysis (consulting hours based on the number of departments/work areas in the organisation)
  • Initial Discovery Phase
  • Delivery of Executive Summary & RAG Report
  • Report contains both “Quick Wins” and “Long-Term Tasks”

Audit plus Action

For companies that need Outsourced DPO and long-term gap-closure support

£150 per hour

(Budget 3 hours per Department/Work Area)

Leads to a GDPR Action & Outsourced DPO plan
Single fixed price

  • Gap Analysis (consulting hours based on the number of departments/work areas in the organisation)
  • Initial Discovery Phase
  • Delivery of Executive Summary & RAG Report
  • Report contains both “Quick Wins” and “Long-Term Tasks”


When on-site, our working day is 9am – 5pm. For site visits, reasonable subsistence expenses are charged, however these are all agreed by you in advance. On large-scale projects, where our Global Privacy Consultants are engaged, fees are £250 per hour.

Our hourly rates mean you only pay for EXACTLY the time we need for the task – our hours are recorded on timesheets, so we are fully accountable for time vs tasks!

At PRIVACYHELPER, we pride ourselves on tailoring packages to suit your business – your needs and your budget. That is why we don’t offer pre-packaged services that your business has to try and fit into.

Once we have conducted the data discovery phase, or reviewed your existing GAP analysis documents, we’ll propose a set number of days per month – based on the size of the business, the challenges you face and the amount of guidance you’ll need from us.

This resourcing model is perfect for most companies, as it offers you the flexibility to use our time intensively when the need arises, but to keep time to a minimum at other times. You remain in complete control of your budgets!

Why choose us?

Click here to find out why we are the UK’s #1 privacy consultancy.

How much will this cost?

Our pricing structure is simple, straightforward and highly competitive. Head over to our pricing page and take a look at our most popular packages.

What next?

Get in touch via our contact us page, tell us about your business and a member of our team will get back to you.

Other services you may be interested in from PRIVACYHELPER

Security Icon

GDPR Consultancy

Our Privacy Team consists of expert data protection consultants in the fields of IT & Technical, Legal, Records Management and Marketing.

GDPR Training Courses

An effective, demonstrable training programme can be the difference between the ICO imposing monetary fines – or not, even if your data privacy programme has just started.


Is your marketing activity legal? We can make sure it is.