We offer a range of privacy and cybersecurity services, some of which are listed here. Please contact us for the full range of services. We can always tailor bespoke services to fit your needs.
Privacy stuff we can help with you with
Privacy is not the only thing we do.
We do all sorts of cybersecurity too.
Cybersecurity stuff we can help you with
How confident are you of your GDPR compliance?
Now that the GDPR is here and you have completed all your GDPR work, how confident are you that you have done it correctly?
Many organisations are finding that they have been advised poorly and have lost valuable data or have spent money and time on unnecessary things. For example, companies have been sold tools and services they did not require or have many gaps in their compliance. Marketing companies GDPR compliant but oblivious about PECR requirements. HR relying on completely inappropriate lawful basis for processing which is likely to get them into all sorts of issues later on. These are some real examples of GDPR gone bad.
We are providing GDPR, PECR and Cyber Security assurance service for organisations that want a second opinion and assurance that their security and privacy is up to the mark.
Please contact us
Fixed Price GDPR and Readiness Assessment
If you are yet to start your GDPR programme. Do not reinvent the wheel. GDPR is an evolution, not a revolution. You do not have to start from scratch. Find out what you have, what is good and where the gaps are. Our GDPR Readiness Assessment is a fixed price comprehensive assessment which will pinpoint what you must do to be GDPR compliant. Our clients really appreciate and understand our tried and tested readiness assessment carried out by our experienced GDPR and privacy practitioners.
Call us on 07960 387876 or contact us about our GDPR Readiness Assessment.
GDPR Readiness Assessment and Report
Detailed list of remediation and action plan
A project/workstreams roadmap
What is the Scope of the GDPR?
Article 3.2 - Organisations Offering Goods and Services into the EU
The scope of the GDPR is often the most debated and confusing element. There have been many posts asking for clarifications of who a data subject is and what is the territorial scope of the GDPR. This is my attempt at explaining what the scope of the GDPR is in a pictorial way. The territorial scope of the GDPR can be complex. It does not only apply to companies in the EU but according to Article 3.2 of the GDPR by the virtue of providing products and services into the EU from outside the EU, the GDPR could apply to organisations located anywhere in the world. The services or products do not necessarily have to be paid for. Various tests such as the currency the fees are paid in and the language used on the website, the advertising target and whether the goods are delivered to locations in the EU is used to decide whether organisations fall in the scope of article 3.2
Article 3.1 - Organisations Established in the EU
Furthermore, according to Article 3.1 of the GDPR, organisations that have a presence in the EU by the way of being “established” in the context of their activities, the GDPR could cover their global personal data processing. Establishment is very loosely defined. An organisation could be established by having just an office, a chapter a sales office/agent, representation a field office etc. in the context of its activities. In such circumstances, the GDPR not only applies to the organisation’s processing of EU data subject's data but also any processing of personal data of any individual regardless of their nationality, residence or physical location. In effect, the GDPR could apply any organisation anywhere in the world and any individual anywhere in the world. In summary, the GDPR could therefore, apply to any person’s personal data anywhere in the world and any organisation processing personal data anywhere in the world.