GDPR advisory

Our GDPR and data protection experts are here to help.

At Willans Data Protection Services and our affiliate, UK law firm Willans LLP, we can help you in many ways. Our GDPR and data protection experts can support you with advisory services to include:

GDPR audits and assessments

designing compliance programmes and privacy governance frameworks

bespoke solutions for your organisation such as staff training.

We can provide you with a full solution or help you with certain aspects, no matter where your organisation is on its GDPR journey.

Why is GDPR important?

The General Data Protection Regulation (GDPR) is the European Union’s new data protection regime which came into effect in May 2018.

It has wide territorial scope – it applies not only to organisations with a physical presence in EU member states, but also to entities located anywhere in the world, if they are processing personal information about, or monitoring the behaviour of, EU citizens to whom they are offering goods or services.

GDPR also introduces vastly increased fines. The maximum fine for a serious infringement is 4% of annual worldwide turnover, or €20 million, whichever is the greater. Therefore even a smaller organisation could potentially face an administrative fine of up to €20m.

How can we help?

How can we help?

GDPR audits

The first step in any GDPR compliance programme is to understand what data you are processing and where, and how that data flows around your organisation. This also helps in the preparation of Article 30 records, legally required records of your data processing activities. Our affiliate Willans LLP (a UK law firm), can assist with these steps.

GDPR gap analysis

Our affiliate Willans LLP (a UK law firm) can advise you about where the gaps in your GDPR compliance lie, and help you devise a strategy to remedy them.

GDPR compliance

Our affiliate Willans LLP (a UK law firm) can work with you to develop a suite of data protection policies, privacy notices, impact assessments and contracts with other organisations processing data on your behalf, to ensure that you are, and remain, GDPR-compliant.

Transferring data out of the EU

If you are transferring data out of the EU, the GDPR requires you to have certain safeguards in place, which may need to involve special contractual arrangements. Our affiliate Willans LLP (a UK law firm) can advise on these measures.

Article 27 Representative

If you are processing data about data subjects in the EU but are not yourself established in the EU, you may be required to formally nominate a representative within the EU for data protection purposes, under Article 27 of GDPR. We can act as your data protection representative. Find out what this involves and whether you might need to appoint an Article 27 Representative.

UK Representative

If your organisation is located outside the UK but offers goods or services to individuals in the UK, or monitors their behaviour, and you are processing their personal data for those purposes, then the chances are that on Brexit the UK’s Applied GDPR regime will apply to you. Find out what this involves and whether you might need to appoint a UK Representative.

Data Protection Officer

Some organisations will need to nominate a Data Protection Officer who is responsible for overseeing and implementing its data protection strategy and implementation in accordance with GDPR requirements. We can act as your Data Protection Officer. Find out what this involves and whether you might need to appoint one.

GDPR training

We offer GDPR training for organisations at all levels. Our courses are designed to educate and inform staff on GDPR legislation and rules and provide practical examples of how to stay compliant.