GDPR Compliance

Does your organisation have employees, customers, or suppliers? If so, you almost certainly process some personal data and that means that the General Data Protection Regulation (GDPR) applies to you. You must ensure that you comply by 25 May 2018.

Understanding the requirements of the GDPR and interpreting how the regulations apply to you is complex.

We offer a full GDPR compliance service, from gap analysis to implementation of controls and ongoing compliance support.

Gap Analysis

Our straightforward 3-step Gap Analysis service for GDPR compliance reviews your current arrangements and sets out exactly what you need to do to comply:

  1. Prepare – we catalogue all the different sets of data that you hold and the various locations and methods of access to that data
  2. Identify – we use our proprietary Activ Comply legal compliance software to determine what the GDPR requires of you for each of your data sets
  3. Analyse – using a matrix, we compare the requirements of the GDPR to the controls you currently have in place for each of your data sets, and pinpoint where there are gaps


You’ll receive a comprehensive report that sets out your current compliance level, highlights any gaps, and provides a sensible, proportionate action plan to close those gaps. The report will also include a fully-costed proposal for us to support you to achieve compliance, should you wish.

Our GDPR Gap Analysis service is provided at a fixed cost with no hidden extras.

Please contact us for a no-obligation discussion and quotation.

Achieve GDPR Compliance

The Gap Analysis report will give you a clear action plan to close identified gaps, plus a fully-costed proposal for us to do the work for you. If you choose this option, our experienced consultants will design and implement the necessary controls to ensure that you achieve compliance.

Maintain GDPR Compliance

Once your organisation is fully compliant with the GDPR, you’ll need to ensure that you maintain compliance on an ongoing basis.

For organisations with simple personal data processing activities, maintenance may mean no more than periodic reviews/checks of the procedures and controls in place for personal data processing.

Organisations with more complex personal data processing activities will need to regularly update the information they record on their processing activities, undertake formal audits on their security controls, complete appropriate investigations into personal data breaches and may need to appoint a Data Protection Officer.

Our consultants can take care of ongoing GDPR compliance maintenance for you. Whatever your organisation’s needs, we offer an ongoing maintenance service tailored to your unique circumstances. Ranging from a simple annual check-up through to a fully-outsourced Data Protection Officer service, our expert consultants will ensure that you remain compliant.

Simple, assured compliance.

Please contact us for a no-obligation discussion and quotation.