About

I assist and direct clients in their complex, commodity and crisis data protection, AI and cyber work.

I undertake a wide range of information law work including data protection, DSARs (data subject access requests) and other rights requests, cyber, AI, e-commerce, direct marketing and freedom of information, and I have cross-sector experience in these areas. I also have extensive experience in IT outsourcing, overlapping with my data privacy practice.

I deliver project, advisory and transactional work in these areas, with particular highlights being DPO services, data protection compliance reviews, process creation/consultancy and dealing with ICO investigations and data breach management and reporting.

I particularly enjoy hosting and providing training sessions in data privacy, and I regularly provide clients, teams and the wider business community with tailored, relevant advice and practical guidance, bringing my topic area to life with practical, memorable examples. This means that the wider team is aware of data protection issues so that these can be proactively resolved before they become breaches.

Experience

Cyber

  • Providing insightful cyber incident simulation training using practical and memorable examples, leading to actionable insights.
  • Leading cyber responses for clients, including ransomware, config settings and inadvertent sharing issues (amongst many more) - establishing their incident response process, leading meetings, determining next step actions and assessing reportability requirements to regulators and data subjects alike, working with expert crisis comms and forensic investigation partners.
  • Helping clients prepare their cyber approach.

Data protection

  • Data Protection Officer services - providing clients with outsourced DPO services, delivering insights, compliance and tailored action to improve data protection culture, compliance and maturity, including for a Premier League football club and major media group.
  • DPO / Legal team support services - advising on, designing and deploying repeatable process elements, including OneTrust and internal tools to deliver data protection management outcomes including for a payments provider and FTSE100 listed company.
  • Contracting - creating and negotiating complex data sharing, processing and joint controllership agreements including for healthcare organisations, adtech organisations, marketing agencies, retailers and B2B suppliers, listed companies, public sector bodies and suppliers to the public sector and many more. This includes complex overseas data transfers and intra-group data transfer agreements within groups of companies to simplify their data transfer regime.
  • Data subject rights including DSARs - managing and bringing data subject rights requests, including consultancy and practical team training regarding recognising requests, handling complaints, designing uplifted OneTrust DSAR management processes, managing mass DSARs such as union action or redundancy programme DSARs, designing practical processes for clients with numerous deletion requests and much more.
  • Policy creation and reviews - helping clients with their policy suite, creating a clear set of expectations and standards to be applied across their business.
  • Audits, checks and assessments - advising clients on their data protection culture, maturity, priority actions and roadmaps to help maturity, optimisation and embedding data protection matters into operational processes.

Artificial intelligence

  • Advising clients on their contracting approaches to AI.
  • Advising a client on their deployment of AI identity risk solutions - balancing the business benefits vs. the nature of the assessments, designing policies, FAQs and handling complaints.
  • Providing practical and memorable AI literacy training.

Direct marketing

  • Helping clients design their loyalty and marketing programmes and sign-ups, including in the public sector.
  • Leading investigations into non-compliant direct marketing campaigns.
  • Training marketing teams on data protection and direct marketing requirements and optimisation. 
