Privacy and Data Protection Consulting

When it makes sense

When the organisation processes personal data regularly, has doubts about GDPR obligations, needs to respond to clients or data subjects, has received questions from a supervisory authority, is launching digital products or needs to know where to start without excessive bureaucracy.

What it may include

• Privacy Health Check and maturity diagnosis.
• GDPR gap analysis and priority roadmap.
• Mapping of processing activities and personal data flows.
• Review of policies, contracts, records and procedures.
• Support with DPIAs, incidents and data subject requests.

Expected result

A privacy programme that is proportionate to risk, understandable for management and usable by operations, with updated documentation, justified decisions and evidence ready for clients, audits or authorities.

Privacy diagnostics

Fast and objective assessment of compliance status, critical risk identification, DPO requirement analysis and priority recommendations.

GDPR implementation

Design and update of policies, procedures, records, contracts, organisational measures, training and privacy by design practices.

Validation and evidence

Internal audit, incident response testing, evidence review, improvement recommendations and preparation for client requests or audits.

External DPO and support

Formal appointment, recurring advice, contact with authorities, data subject support, incident follow-up and management reporting.

International privacy

Support for organisations with international presence, data transfers, multi-region requirements and the need to align local practices with global standards.

EU representative

Support for organisations outside the European Union that process data of individuals in the EU and need to frame responsibilities, contacts and Article 27 GDPR processes.