If you need to designate a DPO for your organisation, we can help. We offer cost effective Outsourced and Virtual DPO services, delivered by suitably experienced personnel.
You’ll get a lead DPO who’ll be supported by the wider team as required. There are no ‘call centre’ type operations, just real people who you’ll come to see as an extended member of your workforce.
Our Virtual DPO service provides you with a designated data protection officer who monitors and advises on compliance with GDPR / DPA18. We register ourselves as your DPO with the Information Commissioner’s Office and act as their point of contact for your organisation.
You get telephone and email access to our DPO service during normal working days up to an agreed number of hours each month. If you need extended hours coverage, we can arrange that as well.
Our Outsourced DPO service provides you with a data protection officer that works as an extended member of your team, with committed time onsite. The service provides data protection program management in addition to monitoring and advising on compliance with GDPR / DPIA18 and PECR.
We register ourselves as your DPO with the Information Commissioner’s Office and act as their point of contact for your organisation. We’ll agree hours of coverage with you at the outset of our engagement.
If you aren’t mandated to designate a DPO but need a suitably experienced person to lead your data protection programme still, we can provide you with an outsourced Data Protection Manager.
In much the same way as you might outsource HR, we can provide you with a Virtual Data Protection Manager or Consulting Data Protection Manager to take responsibility for your privacy programme. These services work in the same way as our DPO services.
If your DPO or data protection manager needs additional support, access to a second opinion or extra pairs of hands during a busy period, we can help on a retained or pay as you go basis.
We can help with a full range of tasks including DPIAs, risk assessments, legitimate interests assessments, records of processing, subject rights requests, data processing agreements, customer questionnaires, supplier due diligence and more.
That depends on the nature of your organisation and your data processing activities.
The GDPR mandates the designation of a DPO where:
We can help you determine whether you need to designate a DPO or, if not, how you should manage your data protection obligations.
First and foremost, your DPO will perform the tasks mandated by the GDPR at Article 39. These cover:
In addition, your DPO can manage your overall privacy programme and assist on the matters listed in the section immediately above.
You’ll get a named DPO and their contact details rather than just a generic telephone number. They will be backed by a wider team of specialists with skills and experience in data protection, e-privacy, information security, HR, IT and law.
Your DPO will want to understand your organisation and get to know your key personnel, your services and the types of customers you work with. They will also want to learn more about your culture, working practices and approach to compliance.
Our DPO-as-a-Service packages start at £500 per month for 12 months. For that you’ll get telephone and email access to a virtual Data Protection Officer for an agreed number of hours each month during normal working hours.
It’s likely, though, that you’ll want a DPO service that’s tailored to your specific needs rather than a package. That’s how most of our clients prefer to work. If so, we’ll work with you to define a cost effective DPO service that works for you.
Our DPOs can work or be on-call during the hours you need.
Most commonly, we provide DPO services during normal business hours, sometimes with on-call coverage out of hours.