Search

Call us on: 0333 2400 308

What We Can Do For You

Data Protection

Our UK GDPR services are designed to guide your organisation through the journey in a worry-free and painless way that assures complete compliance at the end of the road.

Navigator provides a range of services for organisations at all different stages of data protection compliance, for those who have not yet started the journey or those in the middle seeking a professional review of their progress.

Service Quick Links

Data Protection

Compliance Audit and Action Plan

Navigator can audit practices and internal policies to determine where your organisation currently stands in the data protection compliance journey.   This can be tailored to audit specific areas or departments of the business which are higher risk (for example, human resources and marketing) with an awareness of the unique requirements in certain sectors, such as care providers and independent schools.

Confidential legal advice in the audit report will identify action points and recommended solutions, with a prioritised trackable action plan that details tasks to improve compliance, with scope for the business to set deadlines and allocate responsibilities to appropriate personnel.  Navigator can also provide policies or update existing policies, and facilitate training if needed to support organisations taking action to improve compliance.

Summary

We can provide an audit report identifying action points and recommending solutions, including: 

Data Protection

Documentation Review

Navigator can review or provide organisations with tailored policies, procedures and documents which comply with requirements of data protection laws, such as:

  • Privacy policies or privacy notices, including internal privacy information for the organisations staff and also outward-facing website privacy information.
  • Registers of data processing activities for organisations using special category personal data (e.g. staff health information).
  • Internal data protection policies, compliant with legal requirements for processing of special category personal data, and other policies tailored to minimise risks of data breaches and non-compliance (for example, IT and Email Usage, Homeworking policies).
  • Contracts or agreements required by organisations using external personal data processors (e.g. payroll or IT services) or when sharing personal data with partner organisations.

Summary

Our documentation review will ensure compliance with data protection laws, looking at:

Data Protection

Subject Access Requests

Navigator provide a variety of options to organisations needing support handling subject access requests (SAR).   Having advised on the validity and scope of the SAR, we can review all the documentation containing personal data and provide confidential legal advice on exemptions and what personal data to disclose.  In addition, we can advise confidentially on any related litigation risks and support organisations in the event of a data subject complaint to the ICO (Information Commissioner’s Office).

Summary

We can provide confidential advice and support if your organisation receives a subject access request, including: 

Data Protection

Data Breach Support

Navigator support businesses handling personal data breaches, covering those which are malicious (such as malware cyberattacks) or accidental (such as staff emailing confidential personal data outside the organisation).  We provide confidential legal advice on whether data breaches are reportable to the ICO and how to mitigate or minimise risks in those circumstances. 

Summary

A data breach can be malicious or accidental. We can: 

Data Protection

Data Protection Training

Navigator offer bespoke data protection training (on-site or remote) for all levels of personnel, based on their exposure to data processing activities within the organisation, as recommended by the ICO.  This includes:

  • Introductory and/or refresher training for staff to ensure understanding of their responsibilities when using personal data, and what to do if there is a data breach or a subject access request (SAR)
  • Management training for boards or key personnel involved in compliance to ensure those accountable have a high level understanding of the legal requirements and associated risks.

Summary

Training can be provided for all levels of personnel, including: 

Data Protection

Data Protection Impact Assessments (DPIA)

Navigator can assist organisations carrying out Data Protection Impact Assessment as required for specified types of data processing or processing likely to result in a high risk to individuals.  Recent examples relate to organisations using additional health information arising from the Covid-19 pandemic.

Summary

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Data Protection

Additional Services

Some Navigator clients have required bespoke advice or services not listed above, for example:

  • Drafting responses to tender applications requiring information about an organisation’s data compliance.
  • Advising UK-based businesses, without offices in the EEA but who offering goods or services to individuals in the EEA, on legal requirements to appoint a European Representative.
  • Mapping personal data processed by an organisation and determining the lawful basis for processing activities.
  • Advising on international data transfers, and how to lawfully send personal data from the UK to countries that the ICO and European Commission do not view as having adequate safeguards (e.g. USA).

Summary

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Call Us Now on: 0333 2400 308

or

Newsletter Subscription

Sign Up to the Navigator Newsletter

Stay informed with the latest changes in employment law, health & safety, HR and data protection including noteworthy cases, upcoming events and other useful articles.

We only use your details to send you our monthly newsletter along with event invitations and other useful articles. You can unsubscribe any time.

Contact Us

Get in Touch

0333 2400 308

enquiries@navigatorlaw.co.uk

Floor 3
1-4 Atholl Crescent
Edinburgh
EH3 8HA

Newsletter Subscription

Sign Up to the Navigator Newsletter

Stay informed with the latest changes in employment law, health & safety, hr and data protection including noteworthy cases, upcoming events and other useful articles.

We only use your details to send you our monthly newsletter along with event invitations and other useful articles. You can unsubscribe any time.

Contact Us

Get in Touch

0333 240 308

enquiries@navigatorlaw.co.uk

Floor 3
1-4 Athol Crecent
Edinburgh
EH3 8HA