Data protection consultancy

Our combined expertise can add value whether to handle end to end compliance or to assist your team part of a large scale compliance project.

Area of expertise

  • Programme management
  • Audit & gap analysis
  • Project management
  • Policy: authoring & review
  • Records of processing activities
    • data mapping
    • workflows (Viso / OBASHI)
  • Asset registers
  • Data protection notice
  • Data processor agreements: authoring & review
  • Data processor (vendor) audits
  • Data protection by design
  • Data protection impact assessments (DPIA)
  • Risk assessments

Scope

  • EU - General Data Protection Regulation (GDPR) & ePrivacy
  • UK - General Data Protection Regulation (GDPR) & PECR
  • EU - Digital Operational Resilience Act (DORA) - Regulation 2022/2554 for financial institutions
  • EU - Digital Services Act (DSA) - Regulation 2022/2065 for intermediary services
  • South Africa - Protection of Personal Information Act (POPIA) - Act 4 of 2013
  • US - HIPAA Privacy Rule - Health Insurance Portability and Accountability Act of 1996
  • California - California Consumer Privacy Act of 2018 (CCPA) CPRA
  • Brazil - Lei Geral de Proteção de Dados Pessoais (LGPD) - Lei 13709/2018
  • Canada - Personal Information Protection and Electronic Documents Act (PIPEDA)

Industries

  • Healthcare
  • Software
  • Non government organisations (NGO) & Charities
  • Financial Services
  • Lottery & Gaming
  • HR & Recruitment

Languages Spoken

  • English
  • French
  • Portuguese
  • (for now)

Contact Us