Practical Advice You Can Rely On

Data Protection

The GDPR (Data Protection Act 2018 in the UK) requires all organisations to follow key principles when processing data about a natural person. This impacts organisations that have employees, customer and suppliers that are EU citizens, including organisations based outside of the EU. The nature and size of the financial penalties and repetitional damage associated with non-compliance with the GDPR, presents a legitimate risk to all organisations. Our service will assist you in becoming compliant.

GDPR Review & Roadmap

Our EU certified consultant will meet with your team to review your current level of compliance. Over the phone or in person, we will review how your currently processing personal data, assess your current compliance framework and how it aligns to your legal requirements under the GDPR. We will detail this in a report, providing you with an understanding of your current compliance and what is necessary to include to comply with the law.

Assessing Compliance

Current Compliance

It is important to understand the general culture and how you process peoples personal data. We also need to understand your general approach to risk management and crucially the security of that processing.We document your current compliance status and adherence to all of the main articles of the GDPR.

Processing of Personal Data

It’s vital to uncover the full details of your current processing of personal data. By identifying and evaluating the risks this processing exposes to your organisation, we can enable you to mitigate those risks whilst demonstrating an effective but pragmatic level of GDPR compliance.

Policy & Governance

You must be able to demonstrate compliance with the GDPR.

One of the key ways that this is achieved is to have a number of polices and procedures in place. We advise on the gaps in documentation and how to demonstrate effective compliance governance.n to do business with you.

Training

We assess how you are currently training your team and communicating with them regarding their rights as ‘Data Subjects’ as well as their own obligations in the workplace. We can also provide a range of training courses to enable your organisation to demonstrate how it meets this key area of compliance.

DPO as a Service

Pangolin provides the role of Data Protection Officer as a service for your organisation. Whether you require a DPO due to compulsory requirements or your company wants to establish an enhanced level of compliance with the GDPR to the ICO and partners, we’ll help you implement strong and up to date privacy policies and advice.

Advice & Guidance

We’ll provide advice and guidance on all your data protection needs by telephone or email as and when our service is required. By delivering initial guidance and training to your company on breaches of data protection and handling your Data Subject Access Requests, we’ll take accountability of managing and ensuring your company stays compliant.

Incident Management

As your company’s DPO, we’ll act as the liaison and incident manager with the Information Commissioners Office (ICO). We’ll ensure the ICO is informed of a breach within the allotted 72 hours of the breach becoming known. Through constant monitoring of your company’s compliance with the GDPR we’ll ensure that areas of risk are identified and managed before any breach takes place.

Data Protection & Compliance