The benefits of outsourcing your Data Protection Officer (DPO) duties to Bulletproof

Lower Costs

Lower Costs

Outsourcing is a cost-effective solution that saves on recruitment costs, overheads and holiday cover.

Qualified Consultants

Qualified Consultants

Our DPOs are certified EU GDPR practitioners, so you’re guaranteed to receive expert advice and support.

Technical Expertise

Technical Expertise

As part of a wider cyber security team, our DPOs can provide technical advice and guidance beyond data protection.

Legal Support

Legal Support

Our DPO service is backed by legal privacy lawyers to ensure our work always meets your legal requirements.


PayAsia Logo

Choosing Bulletproof as our DPO gives us peace of mind that we’ve got a friendly, knowledgeable consultant to help us with our data protection obligations. With our international client base spanning 25 countries, it’s reassuring to know that we have global data privacy and data protection expertise on-tap.


Chris Brunton  COO, PayAsia


Your GDPR Compliance Experts

GDPR states that certain organisations (such as public authorities or those processing sensitive data) are legally required to have a Data Protection Officer, and the ICO recommends every organisation appoints one to manage data privacy effectively. We understand that each organisation works differently and has individual requirements, therefore we have tailored our managed-service packages to suit any business, of any size.

Our DPOs are certified GDPR practitioners and data privacy experts. We support organisations across a range of industry sectors, successfully guiding them through the complex responsibilities of data protection. With flexible packages at cost effective rates, you get the service your organisation needs to get ahead of your GDPR obligations.


Legal and technical expertise

We are uniquely positioned to deliver a comprehensive data protection service through extensive technical and legal experience. Our DPOs operate within a wider cyber security team for a robust understanding of information security. We are also partnered with leading London law firm, Edwin Coe LLP, for support regarding GDPR law and practices.


How can a DPO help you?

A DPO is appointed to monitor internal compliance, inform on data protection obligations and act as a contact point for the supervisory authority and data subjects. The responsibilities of a DPO include:

  • Data breach support (including liaison with supervisory authorities)
  • Data subject access request support
  • Policy and procedure support and advice
  • GDPR/privacy advice and support
  • Support with Data Protection Impact Assessments (DPIAs)
  • Risk assessment support
  • GDPR and information security training
  • Data mapping support and advice

Find the DPO package that best suits your business

Each of our DPO packages offers a flexible approach to virtual delivery – whether you prefer to communicate through calls, video conferences or emails, we’re here to help.

Additional hours/days can be purchased on an ad hoc basis.

Contact us today to discuss your requirement for implementation with a DPO package.

Outsourced Data Protection Officers
Small Business Medium Business Large Business
Suitable for Businesses with up to 20 employees Businesses with 21-200 employees Businesses with over 201 employees
Gap analysis required? Crossed circle icon Checked circle icon Checked circle icon
DPO time Up to 4 hours per month Up to one day per month Customised to suit your requirement
Kick-off call Checked circle icon Checked circle icon Checked circle icon
Monthly progress call Checked circle icon Checked circle icon Checked circle icon
GDPR training portal Checked circle icon Checked circle icon Checked circle icon
Compliance portal access Checked circle icon Checked circle icon Checked circle icon
Notifications service* Checked circle icon Checked circle icon Checked circle icon
Annual audit Crossed circle icon Crossed circle icon Checked circle icon
Price From £595 /month
(ex VAT)
From £995 /month
(ex VAT)
£POA

Note: A GDPR Gap analysis is required for Medium and Large Businesses before the DPO service can commence.

*Notification service coming soon. Please speak to your Bulletproof account manager for more information.


GDPR and data privacy advice package

For organisations that do not require a DPO but need GDPR support, we offer a Data Privacy Advisor package. This is ideal for organisations who require assistance on the journey to compliance.

There is a growing requirement for organisations of all sizes to understand and comply with data protection and data privacy regulations, but many do not know where to start or they require assistance.

We offer a Data Privacy Advisor package, specifically designed for those organisations that want GDPR support without the need for a DPO. This service is offered as a calls-only function, providing up to two-hours of support each month to support your GDPR compliance.

Get started from £295 per month. Simply complete the contact form below.


Get a quote today

Let our team of qualified, experienced DPOs manage your data protection obligations

By submitting this form, I agree to the Bulletproof privacy policy.


Frequently asked questions

Am I legally required to have a DPO?

The GDPR dictates that you must appoint a DPO if you are a public authority or body, or if you carry out certain types of processing activities such as regular and systematic monitoring of individuals, or large-scale processing of sensitive data.

Although other organisations are not legally required to have a DPO, the ICO recommend every organisation appoints a DPO to comply with GDPR and avoid fines.

Why should I outsource my DPO?

Outsourcing a data protection officer is more cost-effective than an internal hire, particularly as you only pay for the time you require, (save on overheads, holiday cover etc). You also benefit from access to a wide team of certified GDPR practitioners, data protection professionals and technical experts rather than limiting your organisation to the experience of one individual.

Can my DPO help with implementation?

Yes, but this is not included in our DPO packages. We are happy to arrange an implementation model to coincide with any of the DPO packages we offer. It would usually entail additional hours/days spread across the first few months, and once implementation is complete, DPO time would drop to the standard allocation per month. For more information, please contact us to discuss your requirements.

What if I need more than the set hours/days in my package?

Additional hours/days can be added on an ad hoc basis. This can be used for implementation, large policy or procedure reviews, data breach support or any other instance where you need more dedicated time with your DPO.

Can you help with data subject access requests?

Yes, our team can provide you with support and advice on how to handle data subject access requests. As part of any action plan for compliance, we would guide you on developing a procedure for this to follow in the event of you receiving one.

We would be there to support you when you do receive one to provide guidance on what information you will need to collect, advise on information you can’t disclose, how to record it and how to make sure the information is provided to the data subject securely and within the time constraints defined in the GDPR.

  • Bulletproof are CREST approved

    CREST approved

  • Bulletproof are ISO 27001 and 9001 certified

    ISO 27001 and 9001 certified

  • Bulletproof are Tigerscheme qualified testers

    Tigerscheme qualified testers

  • Bulletproof are a PCI DSS v3.2 Level 1 service provider

    PCI DSS v3.2 Level 1
    service provider

  • Bulletproof have 24/7 on-site Security Operations Centre

    24/7 on-site Security
    Operations Centre