top of page

General Data Protection Regulation


akrup logo.PNG

Gap analysis


Perform a gap analysis of your current system to indicate what must be done to comply with GDPR.

akrup logo.PNG

Document drafting

We can draft the necessary consent forms, policies, and procedures.

akrup logo.PNG

Data Protection Officer


Act as your organisation's Data Protection Officer (a new requirement under GDPR).

akrup logo.PNG



Detailed advice on the requirements of GDPR and DPA 2018.

akrup logo.PNG

Implement ISO 27701 


ISO 27701 is a potential GDPR certification mechanism and would provide the necessary proof that your organization treats the personal information of its customers in compliance with the law, including for the case of cross-border data flows.

akrup logo.PNG

Accountability and governance

You must be able to demonstrate compliance with the EU GDPR. This includes:

  • Establishing a governance structure with roles and responsibilities.

  • Keeping a detailed record of all data processing operations.

  • Documenting data protection policies and procedures. 

akrup logo.PNG

Privacy rights of individuals

Individuals’ rights are enhanced and extended in a number of important areas. Data subjects have:

  • The right to be informed;

  • The right of access;

  • The right to rectification;

  • The right to erasure;

  • The right to restrict processing;

  • The right to data portability;

  • The right to object; and

  • Rights in relation to automated decision-making and profiling.

akrup logo.PNG

Six data processing principles

The GDPR lists six data processing principles that data controllers must comply with. Personal data must be:

  • Processed lawfully, fairly and transparently.

  • Collected only for specific legitimate purposes.

  • Adequate, relevant and limited to what is necessary.

  • Accurate and, where necessary, kept up to date.

  • Stored only as long as is necessary.

  • Processed in a manner that ensures appropriate security.

akrup logo.PNG

Data Protection Officer (DPO)

The appointment of a DPO is mandatory for:

  • Public authorities;

  • Organisations involved in high-risk processing; and

  • Organisations processing special categories of data.


Start your Journey

Contact us now for a free quote or if you have any questions.

bottom of page