LET'S WORK TOGETHER
We offer a variety of services that range from data protection to business administrative support as well as bespoke services that are custom-tailored to your needs. Data Protection Advisory Services
DATA PROTECTION OFFICER (DPO) SERVICES
Your trusted DPO service to help your organisation implement mechanisms to in meeting your legislative objectives. Our service will
Maintain and monitor organisational compliance
Review of policies and procedures
Support and advise employees, senior management, business processors to ensure compliance
Employee training and raising data protection awareness
Review and update online eLearning package
Implement privacy management program and framework
Support business with data subject rights complaints with data subjects and Information Commissioner’s Office (ICO)
DATA PROTECTION TRAINING
We are excited to offer our virtual and face to face data protection training to equip your workforce and build awareness of data protection matters. Our training packages are designed to incorporate key aspects of data protection compliance modules and we work to ensure the sessions are engaging and interactive.
Our certified Data Protection Officers undertake training with their wealth of experience in delivering effective training sessions.
Data Subject Rights
Subject Access Request
GDPR Refresher Training
DATA BREACH MANAGEMENT
When data is lost, stolen, or otherwise compromised, a data breach has occurred. When this involves personal data, a data breach can be particularly harmful both to your business and to those individuals whose personal data is involved.
It is therefore important to have a clear procedure in place for handling data breaches, making sure they are contained quickly and effectively investigated to ensure the ICO and affected data subjects are notified if necessary, and that appropriate actions are taken to prevent such a breach from happening again.
DATA SUBJECT ACCESS REQUEST
Transparency is an important part of the UK General Data Protection Regulation (GDPR) and individuals known as “data subjects” under the legislation, have the right to find out what personal data an organisation holds about them, what the organisation does with their data and why the information is being processed.
A “subject access request” (SAR) gives data subjects certain rights of which the most popular is the right of access to their information held by an organisation. You will need to respond to a SAR within one calendar month and Sarsearon Consulting will:
Review and redaction of third-party information
An efficient and pain free process with highly qualified and certified experts.
DATA PROTECTION IMPACT ASSESSMENT
When starting out on a new project or implementing new systems which involve personal data, a Data Protection Impact Assessment (DPIA) can be a vital tool in ensuring compliance, minimising privacy risks and maximising the protection of individuals' rights.
All organisations working with personal data should be adopting a “data protection by design and default” approach - something that is particularly important under the UK GDPR - ensuring that data protection and the rights of data subjects are factored in at the early stages of any new project that will involve personal data.
This will enable important privacy and data protection considerations to be factored in from the start by identifying potential risks and establishing mitigations and solutions to those risks.
GDPR GAP ANALYSIS ASSESSMENT AND AUDIT
This is an essential starting point in complying with the UK's data protection legislation and UK GDPR. Some of the activities to help demonstrate your compliance, is a data protection audit which will assess the current state of play within your business, determining the degree to which your current practices align with the requirements set down in the UK GDPR, and identifying areas for improvement.
Let Sarsearon Consulting get your organisation compliant with our in-depth Audit. A complete MOT of your business and helping you meet your obligations under the DPA & UK GDPR.
DOCUMENT REDACTION SERVICE
Our document redaction service will identify and remove sensitive and third-party information from your electronic, PDFs and Picture format documents and safely redact to ensure utmost compliance. Let's give you back your time to focus on important business objectives.
We offer a cost effective, secure and confidential service to support your business with the onerous task of redaction.
DATA SHARING AGREEMENT (DSA)
Businesses share all kinds of data for various reasons. When that data is personal data, additional care is required. In some cases, a data controller will share data with another data controller. A DSA is designed to ensure that both parties comply with their obligations under the UK GDPR and the Data Protection Act 2018.
This agreement sets out the respective obligations of the parties, addressing key areas including compliance with the data protection legislation, the fair and lawful processing of personal data, the rights of data subjects, data retention and erasure, the transfer of the shared personal data, the all-important requirement to implement “appropriate technical and organisational measures” to protect the data, and the handling of personal data breaches.
Data Processing Agreement
UK GDPR & Data Protection Policies
Data Retention Guidance and Policy
Data Handling Policy
Document Review and Data Protection Clauses