Policy Checking & Authoring


Should you ever have a data breach, or even be reported erroneously to the ICO, it can make all the difference if you have robust policies and documented operational procedures in place.

It can tip the balance between the ICO choosing to take enforcement action against you – or accepting that there was little more you could have done, and therefore taking no further action. There’s no doubt which of these two course of action you’d prefer!

What’s ‘robust’?

It’s more than just knowing which particular policies you need and then adapting generic templates. We can write bespoke data protection policies which deal with your organisation and the way you handle data.

How we’ll help you comply

We take the time to really understand your business, its people and your clients. That way, the policies and procedural documents we write for you will make sense and will be workable.

The key to great compliance is having policies which are clear, relevant to your business, and which provide practical guidance in a way which is easy to follow.

Are you, or do you use, a data processor?

If you use a data processor (or if you are a data processor) – for example, a payroll bureau, a marketing agency or a hosted data solution – then you must have a data processing agreement in place.

Not all data processing agreements are created equally, and it’s important that your agreement provides the protection you need. Whether you just need your existing agreement reviewing and tweaking, or you require an agreement written from scratch, we’re here to help.

Don’t be blinded by ‘science’! We sometimes see data-sharing agreements which are unnecessarily long and complex – and these often raise more questions than they answer. However, by working with you and your partners we can help to create a document which:

  • covers only what you need
  • clearly states everyone’s obligations
  • provides the governance to demonstrate your compliance.