From a full retained DPO function to standalone compliance projects — flexible services built around the ICO’s Accountability Framework, tailored to your organisation.
Your named Data Protection Officer on a retained basis — embedded in your governance, available when you need them, at a fraction of the cost of hiring.
| Included in your retainer* | Essentials | Standard | Premium |
|---|---|---|---|
| Named DPO — dedicated point of contact | ✓ | ✓ | ✓ |
| ICO liaison — registered as your DPO contact | ✓ | ✓ | ✓ |
| Annual compliance review | ✓ | ✓ | ✓ |
| Board-level reporting | ✓ | ✓ | ✓ |
| Breach management — triage, assessment, ICO notification | ✓ | ✓ | ✓ |
| Regulatory newsletter | ✓ | ✓ | ✓ |
| Ad-hoc advisory support | Email & phone | Email, phone & Teams | |
| Governance meetings with written summary | Quarterly | Monthly | Fortnightly |
| Regulatory monitoring and reporting — ICO, DUAA | Quarterly | Monthly | Monthly + alerts |
| Staff training | — | 1 session/year | 2 sessions/year |
Retainer fees are based on your organisation’s size, complexity, and sector risk profile. We’ll recommend the right tier after an initial conversation. Out-of-scope work is always quoted separately before we begin.
Get in Touch for a QuoteDiscrete project engagements for specific compliance needs — available to retainer clients and as standalone commissions.
DPIA screening, full assessments, and ICO consultation advice for high-risk processing — including AI, cloud migration, and new technology adoption.
Due diligence assessments, Article 28 data processing agreements, sub-processor management, and international transfer assessments.
Transfer Risk Assessments, UK IDTA and UK Addendum implementation, supplementary measures, and transfer mapping across your supplier estate.
Point-in-time assessment against the ICO’s Accountability Framework producing findings, risk ratings, and a prioritised remediation plan.
Learn more →Building your Article 30 ROPA from scratch or reviewing an existing register — including data mapping, lawful basis identification, and maintenance.
Comprehensive policies tailored to your organisation: DP policy, privacy notices, DSAR procedure, breach procedure, retention schedule, and more.
Formal LIAs following the ICO’s three-part test: identifying the interest, demonstrating necessity, conducting the balancing test.
Expert support during ICO investigations: reviewing correspondence, preparing responses, and managing the regulatory relationship strategically.
Expert-quality compliance materials without an ongoing commitment.
ROPA template, privacy notices, DSAR procedure, breach procedure, retention schedule, LIA template, DPIA screening questionnaire, and Accountability Framework checklist.
Secure payment via Stripe. Instant digital delivery.
UK-specific data protection e-learning: awareness, DSAR recognition, breach reporting, role-specific modules. Quizzes, certificates, completion tracking.
Secure payment via Stripe. Per-user licensing.
Monthly subscription: ICO guidance, enforcement actions, legislative developments, practical implications — for non-specialists.
Secure payment via Stripe. Cancel anytime.
We’ll recommend the right combination of services based on your size, sector, and compliance maturity. The first conversation is always free.
Book a Free Consultation