ABOUT US

I am Sarah Davies founder of theVirtualPrivacyExpert.com.  A service for companies, small and large, who want to ensure they operate not only within the law but also who care about how they handle and store their data.

Since 1998 we have been working with companies and individuals to help them operate within the UK Data Protection Act and more latterly GDPR and during that time things have changed considerably. Now we have to look at:

• • GDPR- EU General Data Protection Regulation
  • UK Data Protection Bill 2018
  • Privacy and Electronic Communications (EC Directive) Regulations 2003
  • Freedom of Information Act 2000
  • US Privacy Law – Privacy Shield
  • CAN-SPAM Act of 2003
  • PCI DSS
  • Regulation of Investigatory Powers Act
  • The Computer Mis-use Act
  • ISO 27001
  • Human Rights Act (particularly article 8)
  • International Data Protection Laws, EU, Asia, Africa and the US.

To name just a few!  With each of these acts, often including some cross over with another, it becomes challenging to make sure you operate inside each and every relevant law. Having had extensive experience in all of these areas for global companies and for Public sector bodies we are uniquely positioned to guide you through the data privacy minefield.

Many organisations are able to offer guidance on what the acts mean but few are able to give sound useful business advice that translates legal-ese and euro-speak into practical steps you can take within your business. And after all it is all about the business and not about just being complaint.

Today, as always, the challenge changes and the legislation moves on. The fines get bigger and the media focus on the few bad apples and make everyone out to be the bad guys but with some sound practical advice and simple action we can make sure you keep not only within the law, but keep your data secure and your business FREE of pointless processes.

One of the greatest areas of interest from our clients is GDPR which has been in force since May 25th 2018. The last 12 months before GDPR has meant a lot of our clients have been looking for us to help them by understanding what needs to happen to get them to a state of compliance. Since May 2018 the focus for companies has been to review what’s in place and see where the high risks still remain.

There is also a high demand from companies wanting to know what they really can or can’t (or should and shouldn’t) do when it comes to collecting customer and prospect data and then marketing to them. There are some widely misunderstood ideas floating around and what you seen done is not always what should be done, even by large companies.

Some organisations need ongoing support either from our ad hoc consultancy or held on a retained model where we become your virtual Data Protection Officer (virtual DPO). Take a look at the services below to find out more on how that works.

Contact us today to find out how we can work together either as and when your need arises or as part of our assurance package where you need never worry again about your data and how it’s being used. If you would like a GDPR assessment and report to show where you are on your GDPR compliance then we can help with that too.