DATA PROTECTION OFFICER SERVICES
Our service ensures data compliance is proactively managed whilst advising your organisation and employees on GDPR along with liaising with the ICO.
The General Data Protection Regulation (GDPR) was the first major review of data protection in the UK and Europe for over 20 years. It has serious implications for any organisation that does not follow the new rules when processing personal data. Every organisation should have a clear defined role responsible for Data Protection and GDPR.
On engagement your organisation is appointed a dedicated member of our team to work on and off-site allowing us to offer a proactive compliance programme working alongside you and dealing with issues such as Subject Access Requests, DPIA’s, managing breach logs, training and employee requests.
Data Protection Services Overview
| Engagement | Encourage a culture of data protection throughout your organisation, promoting engagement at all levels. | ||
| Contact | Be the point of contact with the Supervisory Authority, The Information Commissioner’s Office, to deal with issues and enquires. | ||
| Communication | To be the point of contact with Data Subjects who may from time to time need more information about the data protection policies of the organisation, or who may wish to complain about the organisation’s use of their personal data. | ||
| Advice | To advise the Data Controller on any aspect of data protection and the GDPR, the use of data and the rights of data subjects for whom your organisations may hold their personal information. | ||
| Risk Assessment | To undertake or oversee Privacy Impact Assessments and advise on the risks associated with processing data especially in special categories of data or where new projects are planned. | ||
| Update | Update the Data Controller on changes to the GDPR legislation and any other legislation that may affect the processing of personal data of subjects that the data controller may be associated. | ||
| Training | Train new staff in GDPR awareness and update other staff on changes that may affect their handling of data in the course of their employment with your organisation. | ||
| Compliance | Constantly review existing policies, procedures and guidelines of your organisation and it’s GDPR policies. Be the go-to person for advice on all aspects of data protection to anyone within your organisation. | ||
| Onsite | Your appointed DPO will attend your organisation for the consultancy term to deliver the services. | ||
| Audit | Each 12 months, we will carry out an internal audit on your organisation to ensure on-going compliance and produce a report on the findings. *Dependent on level of service plan |
Department Overview
| Marketing |  |
| HR | |
| Procurement | |
| IT & Security | |
| Sales | |
| General Office | |
Maintenance Mode
Our Data Protection Officer service gives on-going advice to your organisation to ensure daily compliance needs are met. This includes dealing with subject access requests, creating and reviewing DPIA’s. Our dedicated on-site officer will also help with any breach issues and if required liaise with the ICO. As part of our maintenance programme, we
also, offer on-going staff training with continual up-to-date advice on GDPR and PECR.
Compliance Report
This report will review your current policy framework to ensure your organisation is compliant with the GDPR legislation. It will advise on your organisation’s current and historical practices and how that will impact under the GDPR. A full and bespoke interpretation of the principles of data protection in the GDPR relating specifically to your organisation will be established and documented as part of this service. We will review all your current policies and procedures including privacy notices, cookie policy and SSL certification.
Proactive Mode
As part of our onboarding process, we will create a partnership and cohesion report.
This report will give an overview of your organisation’s compliance and produce a roadmap of within will detail a pro-active programme over the 12 months. Alongside our everyday maintenance work, our Data Protection Officer will liaise with your senior management team to implement the agreed pro-active programme. Our pro-active mode includes on boarding employees, third party data agreements, review and advising on IT & security, updating retention policies and auditing the workplace.
