Privacy & Data Protection — EU / UK
DPIAs that reduce risk & prove compliance
Structured PIA/DPIA for higher-risk processing: clear mitigations, stakeholder alignment, and regulator-ready evidence under GDPR / UK GDPR.
- Screening first (required vs. advisable)
- Cross-functional workshops
- Regulator & customer-ready evidence

Scope
What’s included in every DPIA
Confirm requirement; scope, owners, data flows.
Risks, mitigations, lawful bases, residual risk statement.
Consent, cookies/CMP, UX patterns & retention.
Cross-functional sessions with product, legal & security.
Prioritised controls with owners and timelines.
Stakeholders, decisions, and approvals recorded.
EU GDPR (DPIA)
DPIA packages
- Screening + DPIA template & guidance
- 1 workshop (product/legal/security)
- Risk register + mitigation plan
- Lawful basis & necessity checks
- Stakeholder sign-off pack
See full comparison
- Full DPIA with data-flow linkage to RoPA
- 2 workshops + redaction/UX patterns
- Cookie/CMP implications assessed
- Residual risk statement & consultation log
- Same-day advice SLA
See full comparison
- Advanced DPIA + regulator-ready evidence
- Multi-team reviews + KPIs & owners
- Product UX patterns (consent/legitimate interests)
- Vendor risks & TIAs mapped
- Priority SLA + up to 3 DPIAs/year
See full comparison
Setup fee may apply • Cancel anytime (monthly) • Regulator-ready evidence pack • Prices exclude VAT
| What you get | Starter Single processing activity, modest scope (EU) | Most popular Growth Multiple systems/vendors; customer scrutiny (EU) | Scale Complex estates, audits & DDQs (EU) |
|---|---|---|---|
| Price (ex VAT) | €14,000 /year | €26,000 /year | €42,000 /year |
| Workshops | 1 session | 2 sessions | Multi-team |
| RoPA linkage | — | Included | Advanced (multi-unit) |
| Cookie/CMP impact | Scope check | Quarterly checks | Monthly checks |
| Residual risk & consult. | Statement | Statement + log | Statement + extended log |
| Advice SLA | Next-day | Same-day | Priority |
| TIAs & vendor risks | — | Selected vendors | Full mapping |
| Get Starter | Get Growth | Get Scale |
Setup fee may apply • Cancel anytime (monthly) • Regulator-ready evidence pack • Prices exclude VAT
Method
How we work
Confirm DPIA requirement; define scope, owners, and data flows.
Elicit risks and mitigations with product, legal, and security.
Score risks, align controls, and document lawful bases & measures.
Finalise report, residual risk statement, consultation log, approvals.
Next step
Speak to a DPIA specialist
Share the processing context and systems. We’ll run screening, confirm if a DPIA is required, and propose a plan.
Screening ~1 business day • DPIA in 2–4 weeks • Fixed fees

Embed Calendly/HubSpot here if preferred.