Privacy Services

Under the proposed Commission Regulation all public authorities and companies of over 250 employees or whose core activities require systematic monitoring of employees or other individuals, are required to appoint a data protection officer.

We acknowledge that the hiring of a Data Protection Officer may require time, money and resources and sometimes a part-time DPO suffices which is why EU Privacy Protectors offers the DPO role as a service to organisations requiring an interim or fixed data protection officer for a few days a week at favourable terms.

General Data Protection Officer work will include drafting and monitoring implication and application of data protection and related policies, monitoring the implementation and application of the new Data Privacy regulatory framework, ensure that all data processes are appropriately registered and maintained and monitoring, documenting, notifying and communicating data security breaches.


Specifically we will provide the following services in the course of our role as Data Protection Officer of your organisation:

  • One free initial video conference consultation to discuss requirements
  • Awareness sessions for employees and departments to raise knowledge about the coming legislation and the impact on the organisation.
  • Regular meetings with key stake holders in your organisation to determine scope, budget and detailed requirements for the management of a data protection programme
  • Production and/or implementation of key data protection documentation in your organisation
  • Bespoke data protection training to key personnel, including HR. Legal, IT, Security, Commercial
  • Assemble a data protection registration that will eventually replace the current notification system
  • Privacy impact assessments on some of your processing systems, taking into account the new proposed “right to be forgotten”  and proposing methodology to meet this requirement
  • Full audit on all your systems and processes
  • Dry-swim testing privacy breach processes
  • Annual DPO reporting


Outsourcing the DPO function to an external consultancy will bring you the following advantages:

  • Peace of mind that you are meeting data protection legal requirements by appointing an independent data protection officer
  • Have at your disposal a multi lingual consultant with over 10 years experience in multi jurisdictional data privacy regimes, particularly within Europe and with good knowledge of how national data protection authorities operate
  • Get all your data protection work done by one consultancy with a good network of  regulator contacts, external counsel and other consultants

Representation (article 27)

When your organization provides services or products to the European Union member states that requires processing of personal data of data subjects in the EU and you do not have a corporate office in one of the member states then GDPR requires you to appoint a representative. EU Privacy Protectors delivers a representative service to the local authorities for your organization:

  • Appointing EUPP representative allows your organization to continue to deliver services in the European market under GDPR
  • EUPP will register as representative with the local DPA on your behalf
  • EUPP will be first point of contact for queries from EU member states
  • You will receive a monthly email update with relevant GDPR info
  • We can bring an annual visit to your compliance team to synchronize our efforts
  • Our services will be provided for a fixed monthly rate.

Data Breach Response Management

EUPP offers various services and can offer extensive expertise in preparing and managing a breach. When the shit hits the fan;
  • We can handle all aspects of account management and notification,
    including drafting, printing and mailing or emailing letters.
  • Within our network we can mobilize forensic partners that can advise how to stop data loss, secure evidence, prevent further harm, preserve evidence and manage the chain of custody, minimizing the chance that evidence will be altered, destroyed, or rendered inadmissible in court.