Who is it for?

This is for businesses that want to take a really in-depth look at their business to find out what they need to do on data privacy. It goes deeper than our ‘GDPR Healthcheck’ and looks at the different aspects of your business, on paper, on the web and in practice. It’s most suited to larger or more complex businesses, and those that have been going a while, but is suitable for any business that: • Knows they need to do something on data protection but isn’t sure where to start • Has recently undergone a change of management, reduced or increased its staff or recently been taken over or merged with another company • Has data privacy measures in place but hasn’t reviewed them for a while • Has recovered from a data security breach or other incident and needs reassurance that they’re back on track again • Is preparing for an audit/visit by a regulator and needs reassurance that they’ve got their data protection in good order before hand.

What is included?

• Initial meeting/discussion to confirm scope and timings • Terms of reference document clearly setting out scope, methods and timings • Review of any existing privacy policy and any other relevant internal policies and documents • review of current marketing material • Where applicable, sample checking of current processes, review of phone calls etc • interviews with members of staff • Site visits and visual inspections of relevant activities and processes (if applicable) • review of websites • If required, mystery shopping • A clear report, with recommendations ordered by risk • meeting to discuss the findings • wrap up meeting • Advice on next steps • 10% discount an any additional services purchased within 3 months of completion

Add-ons and extras

• Review of any third party suppliers/vendors used - additional £250 per company • mystery shopping exercise - additional £150 • Present findings to the Board/Senior Management/CEO and facilitate discussion - additional £250 • production of a detailed remedial action plan - additional £175

What is not included?

• Production or updating of any documentation other than audit-related items • Any additional or remedial work • Review of third party suppliers/outsource companies • Mileage and accommodation costs

What will I get?

• A clear, understandable report with risks clearly explained and recommended actions ordered by risk level, which you can then use as the basis for future action. • The peace of mind of knowing exactly how well your business is doing on Data Privacy and where to direct future efforts.