Data Protection Compliance Projects

Full data protection compliance

PropelFwd have years of experience working with organisations in various sectors of the business community and in different jurisdictions to draw upon to help your organisation on the data protection compliance journey.

The consultants at PropelFwd work with your team and get to know your business and your needs when it comes to data governance. We will recommend what is right for your organisation, keeping the requirements of the law proportionate and necessary to the size of your organisation and the data processing your do.

The data protection laws are not a one size fits all solution, they are flexible and are meant to be use in a proportionate way. Data protection is not an obstruction to business, it is there to assist and to give your customers and employees the confidents that you look after data in a serious way and take the responsibility of being a data controller seriously.

The packages PropelFwd offer are;

Full compliance package

This is starting from ground zero. PropelFwd put in place an entire suite of policies and procedures customised to your business and your business needs. They build a data activity register showing the data processing carried out by your organisation, your legal basis for processing, your retention schedule, risk register, data rights request register and data incident/breach log.

A customised online training course is created for your staff to take and data champions are identified and trained to look after the day-to-day data needs within your organisation. If PropelFwd are retained as your Data Protection Officers/Managers these Champions will work with us on a regular basis, otherwise they will look after your data protection needs going forward.

Policies include, not limited to;

• Data Protection Policy and Procedure
• Data Subject Access Request Policy and Procedure
• Data Breach Notification Policy and Procedure
• Data Retention and Destruction Policy and Procedure
• Data Transfer Policy and Procedure
• Data Protection Impact Assessment Policy and Procedure
• CCTV Policy and Procedure (if required)
• Data Security Policy and Procedure
• Data Governance Policy and Procedure
• Privacy Notice for website, Employee Privacy Notice etc.

Framework compliance package

PropelFwd designed this framework package for smaller businesses, clubs and charities when they looked at the proportionality and necessity factors of the law. SME’s, clubs and charities do not need a full suite of policies to control their data usage, but they do still need a policy document to tell the team what to do in the event of a subject access request or a data breach.

A policy is the guidance an organisation needs to be consistent, but also to show accountability to the regulation and to being an ethical, responsible data controller.

The Framework package consists of;

• Framework data protection police
• Data Subject Access Request Policy and Procedure
• Data Breach Notification Policy and Procedure
• Associated template documents and letters
• Employee/Volunteer Privacy Notices, Privacy Notice for website etc

Website compliance package

PropelFwd will assess your website privacy notice and cookie requirements and working with our partner in the UK, DPAS (UK Clients only) we will provide you with,

• A Data Protection Act, UK GDPR, GDPR compliant Privacy Notice
• A generic Branded Privacy Notice animation for your website
• A premium CookieScan™ account (1^st years subscription, thereafter you pay £180 per year)
• Management of the implementation of CookieScan™ to your Website
• Theme the CookieScan™ banner to the website colours

PropelFwd also offer this service to client in the Channel Islands, the Isle of Man or Ireland creating a compliance Privacy Notice relevant to any data protection law the organisation is obliged to comply with.