Why outsource your Data Protection Officer?
Save money
Outsourcing is a cost-effective solution that saves on recruitment costs, overheads and holiday cover.
Qualified consultants
Our DPOs are certified EU GDPR practitioners guaranteeing to receive expert advice and support.
Technical expertise
As part of a wider cybersecurity team, our DPOs provide technical advice & guidance beyond data protection.
Legal support
Our DPO service is backed by privacy lawyers to ensure that our work always meets your legal requirements.
How can a DPO help you?
A DPO is appointed to monitor internal compliance, inform on data protection obligations and act as a contact point for the supervisory authority and data subjects. The responsibilities of a DPO include:
- ICO registration
- Data breach support and response (including liaison with the ICO)
- Breach response
- Data subject access request support (SAR)
- Policy and procedure support and advice
- Data mapping support and advice
- Data Protection Impact Assessments (DPIAs)
- Assisting with customer questionnaires and due diligence
- GDPR and information security awareness training
Your GDPR compliance experts
GDPR states that certain organisations (such as public authorities or those processing sensitive data) are legally required to have a Data Protection Officer, and the ICO recommends every organisation appoints one to manage data privacy effectively. We understand that each organisation works differently and has individual requirements, therefore we have tailored our managed-service packages to suit any business, of any size.
Our DPOs are certified GDPR practitioners and data privacy experts. We support organisations across a range of industry sectors, successfully guiding them through the complex responsibilities of data protection. With flexible packages at cost effective rates, you get the service your organisation needs to get ahead of your GDPR obligations.
Our DPO packages
Each of our DPO packages offers a flexible approach to virtual delivery – whether you prefer to communicate through calls, video conferences or emails, we’re here to help.
Additional hours/days can be purchased on an ad hoc basis.
| Small Business | Medium Business | Large Business | |
|---|---|---|---|
| Suitable for | Businesses with up to 20 employees | Businesses with 21-200 employees | Businesses with over 201 employees |
| Gap analysis required? |  |  | |
| DPO time | Typically 4 hours per month | Typically one day per month | Customised to suit your requirement |
| Kick-off call | | | |
| Monthly progress call | | | |
| GDPR training portal (beginners & advanced) | | | |
| Notifications service* | | | |
| Annual audit | | | |
| Price | From £595 /month (ex VAT) | From £995 /month (ex VAT) | £POA |
Note: A GDPR Gap analysis is required for medium and large businesses before the DPO service can commence.
*Notification service coming soon. Please speak to your Bulletproof account manager for more information.
Legal and technical expertise
Our team of certified Data Protection Officers and GDPR Practitioners provide robust information security guidance that is supported by the award-winning IP law firm, HGF, if and when required.
Here’s what our customers say about us
The Belron Group has over 18 million customers around the world, therefore data protection must be at the forefront of our operations. Bulletproof's team are clearly very experienced and their knowledge enabled us to cultivate a privacy-by-design model across our Autoglass brand. Their expertise has been invaluable in helping us protect our customers' personal data.
Choosing Bulletproof as our DPO gives us peace of mind that we’ve got a friendly, knowledgeable consultant to help us with our data protection obligations. With our international client base spanning 25 countries, it’s reassuring to know that we have global data privacy and data protection expertise on-tap.
Appointing Bulletproof as our Data Protection Officer was one of the best business decisions we have made. They have been first class from the tender process right through to the current day. Their guidance and support not only serve as a comfort blanket but has enabled us to grow the business at a rate that would not have been possible had we not partnered with them.
Get a quote today
Let our team of qualified, experienced DPOs manage your data protection obligations
Data Protection Officer FAQs
What is a Data Protection Officer?
A Data Protection Officer (DPO) is the person responsible for:
- Acting as the liaison between the company, the data subjects and regulatory bodies including the ICO
- Identifying and ensuring the delivery of training and awareness programmes for employees and contractors
- Complying with article 30 of GDPR
- Conducting regular audits to ensure compliance is maintained and ensuring policies and procedures are regularly reviewed and updated where required
- Overseeing/supervising Data Protection Impact Assessments (DPIAs)
- Managing a data breach
- Keeping up to date with the latest data privacy legislation and rulings by the EDPB and Supervisory Authorities
- Having an in-depth understanding of GDPR as well as information technology and data security
- Avoiding a conflict of interest
- Reporting to highest levels of management and autonomy
Find out more about what a DPO does in this article.
Why should we outsource our DPO?
Outsourcing a data protection officer is more cost-effective than an internal hire, particularly as you only pay for the time you require (save on overheads, holiday cover etc). You also benefit from access to a wide team of certified GDPR practitioners, data protection professionals and technical experts rather than limiting your organisation to the experience of one individual.
Are we legally required to have a DPO?
The GDPR dictates that you must appoint a DPO if you are a public authority or body, or if you carry out certain types of processing activities such as regular and systematic monitoring of individuals, or large-scale processing of sensitive data.
Although other organisations are not legally required to have a DPO, the ICO recommends every organisation appoints a DPO to comply with the GDPR, manage data protection and avoid fines.
Who must comply with the GDPR?
Any organisation that processes the personal data of people in the EU must comply with the GDPR.
“Processing” is a broad term that covers just about anything you can do with data: collection, storage, transmission, analysis, etc.
“Personal data” is any information that relates to a person, such as names, email addresses, IP addresses, eye colour, political affiliation, and so on.
Even if an organization is not connected to the EU itself, if it processes the personal data of people in the EU (via tracking on its website, for instance), it must comply.
The GDPR is also not limited to for-profit companies.
Can our DPO help with GDPR implementation?
A GDPR implementation can easily coincide with any of the DPO packages we offer. It would usually entail additional hours/days spread across the first few months. Once implementation is complete, DPO time would drop to the standard allocation per month. For more information, please contact us to discuss your requirements.
What if we need more than the set hours/days in our DPO package?
Additional time can be added on an ad hoc basis. This can be used for implementation, large policy or procedure reviews, data breach support or any other instance where you need more dedicated time with your DPO.
Can you help with data subject access requests?
Yes, our team can provide support and advice on how to handle data subject access requests. As part of any action plan for compliance, we would guide you on developing a procedure to follow in the event of you receiving one.
Do you operate in our sector?
The GDPR applies to all companies and organisations in equal measure although some parts of the legislation may not apply to your business, such as the processing of children’s data and profiling of individuals. At Bulletproof, we have across many sectors both public and private, we are confident that we can help with GDPR compliance in any environment.
DPO resources
Our experts are the ones to trust when it comes to your cyber security
