Chances are you’re aware of privacy and the law and have heard of the DPA 2018, UK GDPR1, EU GDPR2 and PECR3 and that you’re comfortable that you’re addressing the challenges or you’re not quite sure how it affects you and what you need to do
The EU GDPR is a data protection framework that applies to any EU-based company that processes personal data and any company based outside the EU if it offers goods or services to EU data subjects or monitors their behaviour.
For UK-based companies the Data Protection Act 2018 imports the GDPR in its entirety, subject to certain derogations set out elsewhere in the Act
Data protection in the UK is currently undergoing change for example with the Data Protection and Digital Information Bill4 and The Data Protection (Fundamental Rights and Freedoms) (Amendment) Regulations 2023 and the Data Protection and Digital Information Bill

What we do

GDPR Health Check

Our health check provides organisations an independent view and options for remediation of their GDPR efforts to date and is useful for organisations:

  • who are starting their compliance journey and
  • for those wishing to undertake due diligence on their current GDPR position

Notifications Review and Remediation

Understanding and identifying what privacy and processing notifications are necessary and how you manage them

Data and Purpose Review

An in-depth review of your organisation’s personal data landscape and provides the basis for understanding the lawful processing and documentation required by the GDPR

Data Subject Rights Review and Remediation

Ensuring that you can uphold and respond to your data subjects’ rights by establishing the correct structures and processes

Workshops and Training

Training courses and workshops delivered by our team of lawyers, DPOs and privacy experts Our expert briefings are relevant to every area and level of your organisation

1 The UK GDPR is the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) as it forms part of the law of England and Wales, Scotland and Northern Ireland (by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by Schedule 1 to the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (SI 2019/419)).

2 General Data Protection Regulation (EU) 2016/679.

3 Privacy and Electronic (EC Directive) Communications Regulations 2003 (SI 2003/2426) (as amended).

4 The DPDI Bill is currently before the UK Parliament. It is worth noting that this Bill appears to weaken important data protection rights and safeguards.