Data Protection (GDPR)

Protect your reputation, gain your client’s trust.

Data protection regulations state that personal data should be fully protected at all times. InfoSaaS has helped many organisations to understand the new General Data Protection Regulation (GDPR) and be compliant with its many requirements.


Overview of GDPR Requirements

The more comprehensive EU General Data Protection Regulation was introduced in May 2018. This was delivered in the UK as the Data Protection Act 2018.

All organisations who process personal data should be in full compliance with GDPR. But sometimes we need to explain and unravel the complexities of it.

Our qualified and experienced data protection specialists would be pleased to assist you with this.

GDPR Documentation

GDPR specifies a mandatory set of documentation and records that need to be maintained. This is to ensure your organisation becomes and remains legally compliant with its obligations to protect personal data.

InfoSaaS provides an extensive range of templated policies, procedures, forms and informational guides. These have proved to be invaluable for organisations of all sizes and sectors.

View document packs

Data Audit Workshops

To be compliant with data protection legislation, it’s important that all forms of personal data are identified, categorised and assessed.

A data audit workshop, led by one of our data protection specialists, will help you to understand exactly what it is you need.

Contact us

Data Protection Impact Assessments

Article 35 of GDPR requires a Data Protection Impact Assessment (DPIA) to be completed in certain circumstances.

Our InfoSaaS solution provides an intuitive solution to guide users through the completion of such an assessment. The resulting report highlights any issues or areas requiring improvement, and which can optionally be shared with customers, stakeholders or regulators.

Data Subjects Rights Requests

Articles 15-21 of GDPR mandate a set of rights in connection with the processing and storage of a data subject’s personal data.

Our GDPR Document Pack includes comprehensive procedures and supporting forms that are easy to customise.

In addition, our InfoSaaS software service includes a repository and GDPR-compliant workflows which allow any requests which are received to be validated and managed to completion in line with the requirements of the Regulation.


Supply Chain Considerations

Suppliers may require access to personal information – either to your own personnel’s data or to that of your customers’. You have a responsibility to assess their compliance with GDPR obligations as a data processor.

Such an assessment will need to include ensuring that technical controls are robust, mechanisms are in place to identify and report data breaches, a commitment has been made to cooperate with data subject requests, amongst others.

Supplier Capability Assessments

Risk Assessment for Outsourced Products/Services

It’s essential that your personnel (and any dependent third-parties such as contractors) are properly trained on their responsibilities for the protection of personal data. This will include understanding how it is obtained, managed, processed, stored and disposed of.

They will also need to understand how to identify and report personal data breaches, and how to cooperate with responding to data subject requests.

Please contact us so we can prepare a training framework that delivers your organisation’s individual data protection training needs.

Contact us

“The InfoSaas platform has been enormously helpful as we work towards ISO27001 certification. The structure, support and documentation available have allowed us to make quick progress now that we can easily track all of our assets, risks and actions.”

Chris Thompson, Managing Director

“InfoSaaS provides established and credible solutions for delivering information security and data governance, proven time and again with successful certification results.”

Martin Law, Information Security Entrepreneur

“InfoSaaS provides an effective and integrated GRC solution, which makes a significant contribution to the information security posture of our clients.”

Karen Godwin, Director

“It was clear that InfoSaaS was going to be the easiest to use … and was going to help us keep on top of everything properly.”

James Chillman, Managing Director

Learn more

Virtual Data Protection Officer

A Virtual Data Protection Officer (DPO) can provide strategic, compliance and operational leadership on data protection matters to organisations that may not be able to afford a
full-time resource.

Certified DPOs are likely to be an expensive resource: you may instead decide to use a Virtual DPO from InfoSaaS on an ongoing basis; benefiting from their time and experience on demand, part-time and often remote basis.

If you would like to discuss how a Virtual DPO could benefit your organisation, please contact us for a confidential discussion without obligation.

Contact us