Data Protection

The quantity of personal data being processed has never been greater, and the EU led the world in implementing the GDPR back in 2018 to help protect this data. New responsibilities have been applied to companies processing such data, with significantly increased fines for those not taking appropriate measures to protect this data.

We help develop and implement privacy program frameworks through our CIPM Consultants. From establishing the program through to maintaining and managing it, we’re involved across the operational life-cycle.

Our CIPP/E and CIPM Consultants provide contract DPO services to inform, advise and issue recommendations regarding GDPR compliance. Appropriate processes and technology are put in place to manage privacy. A light-touch Data Protection Officer Subscription Service is also available for companies seeking peace of mind.

Mandatory vs Voluntary DPO Appointment

Article 37(1) of the GDPR requires the designation of a DPO in three specific cases:

  • Processing carried out by a public authority or body

  • Regular and systematic processing on a large scale

  • Processing special categories of data or criminal convictions

Our clients don’t always meet any of the above criteria. However, they typically appoint a certified DPO on a voluntary, light-touch basis because:

  • The role is held by someone who is busy with their day job

  • They want someone to turn to when there’s a question or issue

  • Getting Data Protection wrong could lead to fines and brand harm

What is the maximum fine for infringing the GDPR? It’s up to the maximum of either €20 million or 4% of Global Revenue.

Data Protection Officer Subscription Service

As outlined above, many of our clients prefer to have a light-touch DPO available when questions need answering. Our DPO Subscription Service provides the same services, with only the monthly time available differing on each plan.

Our Data Protection Officers are certified by the International Association of Privacy Professionals (iapp.org). Together, the CIPP and CIPM certifications, both of which are certified under ISO standard 17024:2012, prepare a successful DPO.

Subscription Plan Profiles

Standard service on all plans (DPO PRIMO, DPO PLUS, DPO PRO):

  • Virtual Data Protection Officer Support
  • Named & Certified Data Protection Officer
  • Upfront & Annual Data Protection Assessment
  • DPO Registered with ICO
  • Phone & Email Access to DPO
  • Data Protection Template Access
  • DPIA | DSAR | Data Breach | Contract Clause Support
  • Annual Employee Training

Monthly support by plan:

  • DPO PRIMO: Up to 2 Hours Support per Month
  • DPO PLUS: Up to 4 Hours Support per Month
  • DPO PRO: Up to 8 Hours Support per Month

Typical Client Profiles

  • DPO PRIMO: Micro to Small Business | Virtual, Co-Working, Shared Office Space | General Personal Data | EU Processed Data | Data Controller or Processor
  • DPO PLUS: Small to Medium Business | Minimal Office Locations | General Personal Data | EU Processed Data | Data Controller or Processor
  • DPO PRO: Medium to Large Business | Multiple Office Locations | Special Categories Personal Data | Cross-Border Transfers | Data Controller or Processor

More information...

For more information on how we can support your Data Protection Officer requirements, please email dpo@trustibc.com or call 0330 223 4922.