It’s a very simple three-stage process:
If you are a business starting from the beginning or have come some of the way but given up:
- We provide an audit and gap analysis of your current level of GDPR compliance.
- We interview key people within your business who handle data and IT systems to gauge what you already have in place.
- We provide a gap analysis report along with a project plan showing what changes need to take place. This is your compliance journey mapped to your business.
All this for just £1500 plus VAT
This allows you the option to do as much or as little as you want, using me just for the audit or for writing policies and training as you require, at additional cost.
Audit your level of compliance from just £1500
Some of the businesses we’ve helped:
Simon helped train all our staff from the headmaster to the support workers in the essentials of GDPR, a great help.
It’s essential a business like ours is compliant with the regulation as our customers expect it from day one. PMA helped us become compliant which meant we could pitch for further projects and attract more customers.
I didn’t think we had any data but PMA explained staff data is included within the GDPR parameters. Help with our security and policies was provided helping us on the road to compliance.
ONLINE BANKING APP
We were having conversations with the ICO about complaints and possible breaches, we brought Simon in as our DPO and he helped resolve the customer issues and liaised with the ICO to ensure no fines were administered on us.
As MD of my business I was spending too much time working through GDPR without moving forward much, PMA were able to pick up the reins and move us forward to a good level of compliance within the business.
When you have contacted us you will be asked a few simple questions which will help us understand the kind of help you need and even a rough idea of costs and timings.
Following this phone call, a site visit is sometimes called for, and after this meeting a full proposal is provided with more accurate costs and timings.
The right level of support for your business
Begin by defining where you are currently, identify the gaps and agree on an action plan. It’s as simple as that. Not everyone will start at the same point which is why PMA offer different levels of GDPR support. You just need to find the one that works for you.
GDPR Level 1 – Full compliance
- Data mapping of sources within a business
- Evaluate level of compliance with ICO self-assessment guidance
- Gap analysis produced with a detailed action plan
- Provide advice on the impact of PECR and website Cookies
- Deliver documentation to support policies and business processes
GDPR Level 2 – Post-GDPR compliance
- Review the current level of compliance with GDPR
- Test internal process e.g. SAR, data breaches, privacy policies and Cookies
- Provide a rating, gap analysis and an action plan
- Provide advice on the impact of Brexit
GDPR Level 3 – Provision of a DPO service (inside the EU)
- Check the level of compliance within the business
- Liaise with ICO on queries and complaints received
- Answer data protection queries
- Build and run SAR (subject access request) processes
GDPR Level 4 – Working with an internal DPO
- Support delivery of training to staff
- Identify non-compliant areas
- Work with the ICO to answer any queries
GDPR Level 5 – Ad hoc data protection support and guidance
- Access to up-to-date information on the regulations within the UK, EU and Rest of the World
- Advice and guidance provided via telephone/Zoom/email
- Support for Data Protection Impact Assessments (DPIA)
- Bespoke Training for internal teams – marketing, HR, call centres, fundraising
If you have a specific need, there are several additional services you can access.
- Write Policy documents in several different languages
- Guidance on lawful reasons for data processing
- Deliver bespoke training by teams e.g. marketing, call centres, directors
- Write Privacy Statements
- Provide advice on PECR and Cookies
- Write Consent statements for marketing purposes
- Regular updates and information on data protection developments
- Recommend security IT and encryption tools
Get in touch with Simon today to find out more.
Frequently asked questions…
What is a data breach?
The GDPR states you must advise the ICO within 72 hours of any data breach where personal data has been compromised. It’s important to manage the interaction with the ICO to ensure you are seen in a positive light. If you have shareholders supporting your business, they must be considered when you go public with the news.
Why do you need training for GDPR?
It’s important to provide training modules that are bespoke to the teams in your business. I answer the question most employees have which is “what do I need to do differently in my role under GDPR?”. These sessions can be delivered face to face or over Zoom.
How do I know if I need a DPO?
Your DPO would deal with the ICO directly, manage any data breaches, update policies, test processes and train teams in the principles of GDPR. Many are expected to be the consumer champion to ensure personal data is not being used illegally.
Get in touch with Simon today for the answer.
Want to explore more?
If you have a question or want to find out more about how we can help, it would be great to hear from you.