Members
GDPR Alliance Members
About Us
The GDPR Alliance’s vision is to help UK businesses become GDPR compliant. Members of the Alliance include Law firms, Software and IT businesses, Information Security and Standards Consulting focused organisations.
Key focus areas of the alliance include:
- Helping UK businesses implement the upcoming General Data Protection Regulations (EU GDPR).
- Putting together plans in the event things go wrong and a data breach occurs.
- Helping UK businesses to actively fight against the menace of viruses, malware and ransomware.
The Alliance’s aim is to pull together organisations from complimentary disciplines who together can offer the full range of services for clients, in terms of GDPR compliance.
Call us at
+44 (0) 3333 447855
Email us at
1 Central Square
Cardiff, CF10 1FS
Mon - Fri
9 am – 5 pm
Services We Offer
Summary & Comprehensive Breach Reports
The Breach Report combines traditional Penetration Testing with a unique awareness and consideration of the risks introduced by human behaviour.
The scope of the Summary Breach Report is regularly revised to include current and trending exploits, including DROWN, GHOST Glibc, Heartbleed and POODLE, as well as the extensive and growing list of web server vulnerabilities.
The Summary Breach Report provides a single-page starting point and a natural stepping stone for the Comprehensive Breach Report, which can be used as a benchmark for the development and assessment of company policies relating to IT.
Information & Awareness Seminars
Our seminars will help you assess the impact of the GDPR on your business. You will gain an insight into the founding principles of good information security and how these principles can help give your business the stability and security it deserves. You will gain an understanding of the key changes the GDPR will bring and learn how implementing the GDPR properly can benefit your business.
Health Check
Our experts can help you assess the likely risks that your data and processes present and will also help focus the data inventory and process mapping exercises. We will consider whether any 3rd party processing arrangements you have in place impact on your overall security requirements.
Data Inventory and Process Mapping
We will work with the key people in your organisation to help you identify, catalogue and map the flow of all personal data processed by your business. This fundamental exercise will form the basis of your information gathering and is essential in order for you to understand and be able to document what personal data you hold and for what purposes it is used. This is an integral part of GDPR compliance. In addition, this exercise is often seen as “mining for gold”, because data in an organisation is an incredibly valuable asset and this inventory can disclose sources of revenue or efficiency.
Data Privacy Impact Assessment
Building on the inventory and process maps, we will analyse risk associated with personal data that falls under the scope of the GDPR. We will document the various risks (destruction, theft etc.) and score the impact this may have on the data subject (the person whom the data is about). This will help to prioritise your implementation project and will be a key documents for your information security framework. If you are unfortunate and have a data breach, this information will also assist you in assessing the impact of the breach and will prove helpful where a breach requires reporting.
Gap Analysis and Implementation Planning
We use the data and documentation generated in the previous steps to formulate a plan to implement your information security framework, processes and other measures that may be required to achieve compliance with the GDPR. The plan produced is a key document that provides an organisation-wide roadmap for the work and changes required for compliance.
Staff Training
We can offer different training packages for your staff to suit your needs, from general awareness raising on what amounts to personal data and what the obligations are under the GDPR to bespoke training on particular aspects such as security and data beach reporting or on the new individual rights. Staff training is an important and necessary requirement for GDPR compliance.