We help you operationalise privacy from a management consultancy perspective using adapted versions of the NIST Privacy and Cybersecurity frameworks to guide your progress. We identify and solve your complex business, organisational and operational problems and define and improve processes in the privacy, data protection, and cyber security context. Every client has a unique starting point and is at a different stage of maturity. We have examples below of the different types of services we include as part of your consulting package.
We work with businesses in Ireland and Europe that operate in highly regulated spaces and that need to pay particular attention to data protection, privacy, and cyber security. We also work with businesses in Ireland that typically have 100 to 250+ employees that need to operationalise privacy in demonstrable ways. We spend typically one to three years with each client as they grow in maturity. Our aim for our clients is to contextualise compliance requirements, embed good practice, and hand over to internal teams to continue operations as we exit.
Get in touch via email and we will book you in for an introductory, no obligations, free call to discuss your requirements. If we both feel we are a good fit, we will help you to identify your privacy, data protection, or cyber security priority. We will prepare a detailed brief and quote for the services required, alongside approximated dates for identified milestones alongside our usual terms and conditions. We include generalised examples of similar projects for you as a reference. Our rates start from €1250 per day, plus VAT.
- Gap Analysis
- Key Findings
- Risk Ratings
- Action Plan
If you are unsure of your position, we start with a GDPR Snapshot to understand your data protection and cyber security gaps, a ‘GDPR gap analysis’ if you will. With your key stakeholders, we review your data landscape at a high level. We prepare a detailed report with risk ratings of key findings presented to you with guidance on remediating high-risk issues.
- Data Processing Agreements
- Policies and Notices
Robust GDPR documentation is the solution to most data protection issues, especially if you are a data processor. We provide you with bespoke Data Processing Agreements, data related Policies, Data Protection and Privacy Notices, Risk Assessments, Data Protection Impact Assessment, Transfer Impact Assessments, and Terms and Conditions.
Privacy by Design
- GDPR Programme Review
- Privacy Projects
Take a proactive Privacy by Design approach when implementing data protection in your processes and technologies. We identify your objectives, and benchmark your stance through audit, programme reviews, or a Data Protection Impact Assessment. Identified areas are scoped with key stakeholders and actionable guidance provided in reports.
Data Subject Requests
- DPC Engagement
We help you respond to and deliver on all data subjects rights requests, including access requests (DSARs) and requests to be forgotten. We provide you with Data Protection Commission support as required. We advise on returns, permissible exclusions, and redactions. Practical support is provided as needed on redactions and returns.
- Risk Assessments
- DPC Engagement
We help you with data breaches and data incidents. We help to risk assess to determine reportability. We help you to investigate and document data related incidents, including dealing with involved third parties. Where required or deemed necessary, we help you to report breaches to data subjects and the Data Protection Commission.
Our Promise to You
Expertise as and when you need it.
Our expertise is your peace of mind. We are life long learners who participate in continuous professional development courses, remain currently certified, and share our knowledge through public speaking engagements, webinars, and training sessions. Through our variety of packages on offer, you make use of the format and extent of our expertise you need at any given time.
Innovation and compliance in peaceful co-existence.
We’ll help you to stay red tape-free, leaving you free to innovate with your business intelligence data. Whether we’re working with the compliance team in a large third-level educational institution, a specialist medical research team, or a software provider to highly regulated industries, we bring our technically-backed legal skills to the table for your benefit.
Clarity when you can't see the wood for the trees.
Principles-based legislation is our specialty. Our advice and action plans are aligned to legislation, best practice, and custom. It is no-nonsense and straight to the point. We won’t let you get lost down a GDPR rabbit hole. We set you up to be legislatively compliant today, and built that way for the future.
Seamless integration of best practice into your day-to-day.
Change management is part of our DNA. We integrate data protection, privacy, and cyber security best practices seamlessly into your business. Understanding your context, we convey necessary compliance messages with empathy and understanding to relevant stakeholders. We take every step of the compliance journey with you, making sure our solutions fit your needs.
Partners, not just a client.
Besides helping our clients secure millions of Euro in contracts (fact!), we’ve been told that we change lives. How so? Simply, by speaking the right language and calmly removing stress from your circumstances. We get to know your context and your business inside out. Our clients will tell you that, long after a job is finished, we are there to support them.
Did You Know
You do the business. We’ll do the compliance. Email us today for a free no-obligations chat.
Based in Cork County, Ireland, with a global client base, we design and deliver risk-aware data compliance documentation, programmes and solutions. Most of our consults are online currently but we look forward to seeing our clients again in person soon.
For general contact, feel free to email Philipa on email@example.com.
If you have a data or online security emergency send a text marked urgent to +353 (83) 827 4889 and we will call you back.
Not sure what you should be doing about your GDPR Data Protection requirements?