As owner manager of an SME, data protection and in particular GDPR compliance has been an ongoing source of stress – thankfully never a critical issue but always lurking as a potential problem. I knew that whilst we did take data protection seriously, we didn’t have the proper policies and processes in place to document what we were doing and that we were unlikely to impress the ICO should we ever need to have contact with them. Our situation is complicated by the fact that we deal with international data and transfer data out of the UK/EU to third countries.
Data2Action walked me through the process with huge patience. Karen did a great deal of the heavy lifting, investigating our processors privacy policies, drawing up all the documentation we need and organising the processes that we need to apply to be and to show that we are compliant. What felt like an impossible task became manageable and Karen was always available to talk me through it and keep me on track. I found her solutions very practical and pragmatic which is absolutely essential when you have a business to run and need to keep the staff who actually have to implement the policies on board. From the first meeting, Karen had clearly done her homework on our company and has a proactive approach to finding solutions for us.
I would be happy to recommend Data2Action to other companies looking to get to grips with their GDPR compliance.
Christine, Pantheon Macroeconomics Ltd