Privacy & Compliance Support

Our commercially minded consultants can act as your DPO or provide expert support as and when your team needs it. We can help you cover absences and provide additional expertise and assurance to help you answer queries, comply with the law and deal with data protection incidents.

We provide a practical solution for organisations that either don’t have the necessary specialist expertise to fulfil their DPO obligations, or those that are just looking for extra Privacy and Compliance support on a provisional or project-based basis.  

Our services include:

Our consultants can provide specialist support in several key areas, including:

  • Creating and implementing incident management plans and playbooks that integrate with your existing disaster management, business continuity and crisis communications processes. Where necessary, these can also be created, adapted or expanded.
  • Supporting your incident response team to investigate and respond to data protection incidents, including providing incident response plans if required
  • Facilitating post-incident review sessions to identify what went well, what lessons should be learned, and practical changes that could reduce the likelihood of a recurrence and improve your organisation’s ability to respond

We will take on all responsibilities of a DPO and report into the highest level of management. These responsibilities include:

  • Informing and advising you about your legal obligations
  • Monitoring your compliance with the law
  • Helping you with Data Protection Impact Assessments
  • Liaising with the ICO as required
  • Maintaining your records of processing and data protection risk
  • Reporting on how identified risks are controlled

Click here to find out more

Our consultants can cover absence periods of any length.

We can help your organisation create policies that align regulatory requirements with your organisation's values, objectives and capabilities. We can then help you translate these policies into actionable guidelines, logical processes and detailed playbooks and design staff training that results in real behavioural change.

We can provide expert support for your team when its needed, and our consultants can assist on projects such as:

  • Creating and maintaining data protection documentation. This includes records of processing and process maps, Data Protection Impact Assessments, vendor security assessments, data protection policies and procedures, and incident management logs
  • Improving the effectiveness and efficiency of existing processes. This includes Data Subject Rights, information sharing between data controllers and data processors, and the information collection for data protection impact assessments or legitimate interest assessments
  • Designing data protection into new innovations
  • Supporting teams to find practical ways to mitigate identified data protection risks

Our Advice Line service provides same-day answers to straightforward data protection questions.

Through the specialist data protection lawyers at our sister company GRCI Law, we can provide legal review and assurance to give you confidence in your approach.

What our clients say

“Camilla is a very knowledgeable professional allied to a great ability to ‘get things done’. I have very much appreciated her words of wisdom and can-do approach’.
Kai Winterbottom, Data Protection Officer, Aldermore Bank

“DQM GRC initially conducted a GDPR readiness review which highlighted a number of areas the team at Pearson needed to work on to be ready for GDPR. Since the review they have been supporting us on site with our data mapping and Records of Processing in order to ensure we are compliant to our Article 30 obligations. We have found their team to be supportive and helpful which has enabled us to move forward with our overall GDPR plan.”
Stephen McCartney, EU Director of Privacy, Pearson

“Comic Relief has been supported by DQM GRC with a variety of GDPR initiatives. Most recently they ran a workshop to help us with our data mapping and Article 30 compliance and the software tools that could support this, as well as a breach response workshop which the team found valuable and engaging. I have already recommended their services to colleagues in the not for profit sector many times.”
Liz Curry, Business Planning and Process Manager, Comic Relief

Our approach to consultancy

Our clients choose DQM GRC because our consultants have commercial backgrounds as well as privacy expertise. Our pragmatic, practical and hands-on approach means we can help organisations find ways to achieve their objectives – we don’t just review your ideas, we help you shape them.

Discuss your needs today

To find out more about how we can help your organisation, call us now on 01494 442900 or complete our enquiry form:

Find out more?

Leave your contact details below and one of our expert team will be in touch

We will only use the contact details you supply on the basis of our legitimate interest to respond to your query and contact you about DQM GRC. You will always be given the opportunity to opt-out from future communications. Please read our privacy policy for more details.


Find out more..

If you are interested in any of our services then please either use the contact form or contact us via of the methods below:

  •   Telephone
  •   E-mail