From explaining how the EU GDPR and UK GDPR apply to your organisation, preparing the documentation and implementing the processes you need to comply, designing and delivering staff training, managing data subject right requests (including access requests or DSARs, objections and erasure requests) to advising on the handling of cyber attacks and data breaches, at Handley Gill we support you to get on with business as usual while building customer and employee trust through an appropriate data protection and privacy programme. Please contact us to discuss your requirements.
At Handley Gill, our experienced, legally qualified consultants offer pragmatic and robust data protection, privacy, human rights, responsible AI, online safety, ESG and wider legal advice, compliance and assurance services to our clients, which range from micro-entities, to SMEs, multi-national corporations and public bodies in industries spanning marketing, regulated services, recruitment, tech, content providers, political parties and lobbying groups, charities, law enforcement, sport and fitness and healthcare.
Our services include:
· Establishing and implementing data protection compliance frameworks;
· Conducting data mapping exercises;
· Advising on the lawful basis for personal data processing;
· Advising on the need for, and providing, outsourced data protection officer (DPO) services;
· Conducting data protection impact assessments (DPIAs), advising on high risk processing and prior consultation obligations;
· Conducting legitimate interests assessments (LIAs);
· Drafting privacy, data protection and cookie policies and notices;
· Drafting data handling and management policies and standards;
· Drafting, advising on and negotiating data processing agreements;
· Drafting, advising on and negotiating data sharing agreements;
· Advising on compliant marketing practices and campaigns;
· Advising on and conducting vendor and supply chain risk assessments;
· Conducting international data transfer risk assessments (TRAs);
· Drafting, advising on and negotiating international data transfer agreements and other safeguards;
· Advising on and preparing responses to data subject rights requests, including data subject access requests (DSARs);
· Preparing and rehearsing data breach and cyber incident response preparedness plans;
· Advising on data breach notification obligations;
· Designing and delivering standard and bespoke data protection training;
· Advising on the application of the Age Appropriate Design Code (Children’s Code);
· Providing independent data stewardship representation to support consultation obligations;
· Advising on the ethical design and implementation of machine learning and Artificial Intelligence (AI);
· Conducting data protection audits;
· Advising and representing in regulatory and enforcement action brought by the Information Commissioner (ICO) and other regulators;
· Advising and representing in appeals to the First-Tier Tribunal (Information Rights);
· Providing independent data stewardship representation to support consultation obligations;
· Advising and representing in regulatory and enforcement action brought by the Information Commissioner (ICO) and other regulators;
· Advising and representing in appeals to the First-Tier Tribunal (Information Rights);
· Advising and supporting preparations for the implementation of the Online Safety Bill;
· Advising on and estabishing responsible artificial intelligence (AI) governance framework, and preparing related policies and procedures and implementing safeguards;
· Conducting human rights and equality impact assessments; and,
· Reviewing and revising or establishing ESG (Ethical, Social and Corporate Governance) governance frameworks, policies and procedures.