Data Protection compliance programmes and audits
We have considerable experience in carrying out company-wide data protection audits and implementing compliance programmes for GDPR and related legislation. An audit typically involves a detailed assessment of the current level of compliance (by interviewing key staff and reviewing existing policies), followed by the production of a report highlighting the gaps in the level of compliance and providing practical recommendations and policies aimed at closing those gaps.
Direct marketing compliance
Your customer data is a vital business asset and it is important that you know how to contact your customers for promotional purposes without breaching the complex rules in this area. We can advise on how to maximise your uptake in marketing campaigns, whilst complying with your data protection obligations. Having dealt with the regulator on behalf of clients, we know where the boundaries lie!
A website health check involves reviewing the data collection processes on your website and ensuring that your existing privacy notices and marketing/cookie consents are compliant and up-to-date.
Handling investigations from the regulator
If an unwelcome letter from the Information Commissioner lands on your desk, we will assist you in managing the investigation and defending your position to avoid the risks of enforcement action from the regulator and the reputational damage which may result from such action. We can also advise on how to manage a data security breach and whether notification to the regulator is required.
We can provide in-house privacy adviser services on a part time basis (via remote working), either on the basis of a fixed number of hours or days per week. This service allows us to get to really know your organisation and understand its unique dynamics and objectives.
Advising on cross-border data transfer issues
Transfers of personal information outside the European Union are strictly regulated. We aim to provide workable solutions to the restriction on overseas transfers based on the particular circumstances of your business. We have experience of managing cross-border data transfer issues in large outsourcing transactions as well as intra-group mechanims for transferring employee and customer data such as Binding Corporate Rules.
Data Protection helpline
We can provide advice by telephone on those day-to-day compliance queries such as "Can we disclose this data to a third party?", "Are we ok to send this marketing e-mail?" or "How do we deal with this request for information?".