The Compliance Consultancy provides Small and Medium Sized business with independent data protection compliance with over 20 years solution-providing experience…



We understand that not every business will be able to put the budget aside for a full consultant-led compliance project and have built a range of services to meet all requirements and budgets…



The Compliance Consultancy offers an comprehensive associate program. We’ve built a pool of highly skilled individuals with key skills in our practice areas and are constantly looking for talent, if you would like to join our team of GDPR consultants and help our data protection clients…


The rapidly changing landscape of the digital economy combined with the arrival of new legislation will have implications for all organisations, large and small.

The General Data Protection Regulation (GDPR) requires you to re-assess your data protection policies and processes. To comply with this data protection legislation designed to provide greater protection for the public and enhanced obligations for organisations, all affected businesses need to carefully consider how they handle data and what security is in place to protect it.

The Data Protection Act 2018 has now brought GDPR in to UK law and all businesses have a legal obligation to protect data. If you’re “an SME” we understand that the resource required to align with compliance creates a challenge. We also understand that you will want to minimise the impact to your day to day running of the business.

GDPR consultants data
GDPR consultants data

Although it may seem like another addition to the increasing list of responsibilities for you this is an important piece of regulation to take note of.

There has been much research identifying that many organisations have yet to start their GDPR project, and we understand the challenges and know how to structure and plan to minimise the impact.

The Compliance Consultancy provides data protection consultancy solutions to suit all sizes of business and budget to aid you in complying with the regulations, and minimising the associated risks whilst accessing our proven methodologies and experienced team. As GDPR consultants we can help every business with data protection

Getting ready for GDPR

Use this self-assessment toolkit produced by the information commissioners office to get you started .

Speak to the experts on 0161 951 5660 or request a call back

GDPR stands for “General Data Protection Regulation” and is a new regulatory framework to standardise and increase Data Protection for people within the European Union. It also attempts to regulate the transfer of personal data from outside of the EU.

Any organisation that stores information on individuals will need to audit and assess its own practices and implement changes to ensure that consumers and employees data is safe. You may also want to check best practice and regulations around credit card (PCI compliance) and general the Data Protection Act 2018 requirements.

In a word No, it became law on the 25th May 2018 you are expected to have completed the prerequisite review and audit, then have already and implemented the changes to ensure compliance. Brexit will not change this.

  • Penalties – The Regulation will enforce tough penalties; the proposed fines are up to 4% of annual turnover or €20 million, whichever is greater.
  • Damage to Brand reputation – According to Gartner, only 6 percent of companies survive longer than two years after a serious data breach.
  • The cost of clean-up will also be significant, serious breaches have resulted in business failure

You need to identify the areas within your business operation that could cause compliance problems. The tasks ahead are not trivial.

Compliance can be challenging, and for those who delay until a breach, regulatory intolerance will create unnecessary challenges, as indeed will the associated costs of clear up

It is accepted that all businesses are likely to suffer a breach of one sort or another, knowing how to deal with it will be crucial. Would you prefer to undertake the work to align yourself with the regulatory body overseeing your every move, and setting timescales, or would you prefer to do so at a rate that suits your business?

The previous directive (data protection act) came into effect in 1998. EU member states all have had different interpretations (Germany, for example has much more stringent data protection regulations). In the UK as the DPA 1998 was a directive, as a result companies holding personal data have not treated protecting data with the same level of importance as they should. In addition to this, the circumstances where data is shared, is dramatically different. In 1995 (date of the EU directive) internet usage was estimated at 11% (Nielson Online – http://www.nielsen-online.com) of the EU population, and trust in online usage was minimal. Nearly all websites now require you to disclose personal information, and until May 2018 the directive did not cater for mass usage, storage and protection of personal data. Elizabeth Denham (Information Commissioner) stated in her “Information Rights Strategic Plan 2017-2021” (ICO – https://ico.org.uk/media/2014134/20170413icoinformationrightsstrategicplan2017to2021v10.pdf )that “trust in data flow is fundamental to people engaging in the digital economy”

Get a free consultation

How certain can you be that all your legal obligations are met? The Compliance Consultancy will give your business a simple audit completely free of charge. There are 2 ways to protect yourself, full compliance or enough to make changes to keep you out of trouble.

    *Please ensure all fields are completed.

    Please see our privacy policy, we are completely transparent about how we manage personal data.

    What do our clients think?

    ‘I approached Stuart at The Compliance Consultancy and asked him to help with the GDPR compliance for my business. He was great to work with and due to his expertise, we were able to save time, money and most importantly, it gave us a good piece of mind regarding our obligations to data privacy. This means we can now spend more time focused on the business. A seamless process, a fair price and perfect for SME’s’.

    -Neil Clough: MD & Co-Founder of This is Prime