Data Protection

Given that organisations have been subject to the General Data Protection Regulation (GDPR) for around two years now, there is a huge amount of variation regarding different organisations’ point in the journey. We recognise that data protection compliance cannot happen overnight, and so our data protection services are designed to guide your organisation through the journey in a worry-free and painless way, assuring that you are completely compliant by the end of the road.

Navigator offers services for organisations throughout various stages of compliance — for those who have not yet started the journey, for those in the middle and for those seeking a professional review of their compliance plan. All services are conducted by a certified EU GDPR Practitioner, who is supported by a team of employment, corporate, commercial, and IP lawyers.

Compliance Audit and Action Plan

We can carry out an audit of your data protection practices to determine where your organisation currently stands in the compliance journey.

Once practices are audited, we would compose a prioritised action plan which details tasks and advice for each step of the way. There would be scope for you to add deadlines and allocate responsibilities to appropriate personnel.

Awareness and toolkit

We offer on-site development for all levels of personnel based on their exposure to data processing activities within the organisation. The levels include:

Data Protection Compliance Training – for key personnel involved in data processing compliance to ensure they understand the law and the impact which GDPR has had on your organisation over the last two years.

Staff Awareness Training – for all employees to promote a general awareness of data protection legislation, focusing on their own responsibilities and what to do in the event of a data breach.

Board Awareness Training – to ensure that those accountable for data protection compliance have a high level overview of the legal requirements and associated risks.

In addition to imparting knowledge about data protection, delegates leave each session with a bank of practical tools that can be applied to your workplace.

Information Audit

A detailed audit to account for all of the personal data processed by your organisation and determining the lawful reasons for continuing to process.

Documentation Review

Review contracts, policy and procedures to ensure that they are compliant with the GDPR principles and rights of individuals, then provide template documents for those not currently in existence.

We are also able to produce privacy notices, and review terms and conditions or agreements with third parties.

Data Protection Consultancy

Once the data protection infrastructure is established, we provide a data protection consultancy service that includes: carrying out annual audits, access to our data protection helpline and, when required, carrying out Data Protection Impact Assessments.

Additional Data Protection Services

We can also review mechanisms in place to cope with Data Subject Access Requests (DSARs) and Data Breaches.

A number of clients have also asked us to draft responses to letters and tender requests requiring information about the status of their data protection compliance roadmap.

Should IT audits be required, we will then reach out to our IT GDPR partners to develop and deliver this aspect.

In addition to these services, Navigator also offers consultancy services for any specific data protection queries not found in the services above.

If you would like any more information on the above, or any other data protection services, please contact Stephanie Harper, Certified EU GDPR Practitioner, at