When do I need to appoint a Data Protection Officer?

An individual practitioner's customers' list might not constitute 'large scale' but a database of a popular website’s visitors or app users typically would.

Keep in mind monitoring is not just about real-world security cameras but includes all forms of tracking and profiling on the internet, including for the purposes of behavioural advertising such as by means of cookies or pixels.

Special categories of personal data include: data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.

Data Protection Officer outsourcing GDPR
outsourced data protection officer outsourcing

How do I benefit from having a Data Protection Officer? (even if it is not mandatory for me to have one.)

Am I actually fully compliant? We will remind you of the areas where compliance issues might arise, and ask you the right questions to identify and address any compliance gaps.

Concerned whether a particular aspect of your business practice, product, technology used, or analytics techniques complies with GDPR? You can always reach us at our Help Desk, conveniently located on our online collaborative board.

Where GDPR requires you to conduct a Data Protection Impact Assessment of your new technologies or data analytics techniques, we will guide you through the process and help you identify the right measures to mitigate the privacy impact - and improve your chances of complying with the law.

We are happy to take care of your necessary communications with data subjects and the ICO (or another data protection authority), including in relation to a GDPR data breach. Note that our higher end DPO packages also include an NIS data breach notification.

We will not only identify data protection training needs but also as part of our higher end packages provide basic privacy training webinars or workshops.

Why outsource my DPO? (instead of appointing an employee to act as my DPO)

People in your organisation who are sufficiently senior are highly likely to have a conflict of interest. Heads of IT, CTOs, Chief Data Officers, or Heads of HR are most likely involved in choosing the purpose and means of data processing, which would prevent them from acting impartially as a DPO.

Outsourcing your DPO function to Aphaia will cost a fraction of a privacy professional's full-time salary. Depending on the package you choose, this could be somewhere between 5 and 30%.

Even if you hire a privacy professional, their expertise would be unlikely to match that of our partners and their support team. We’re experts.

Why should I pick Aphaia?

Almost 80% of our outsourced DPO clients have previously used our GDPR gap analysis & compliance roadmap services. They trust us to deliver, and we love working with them too.

Almost 90% of our data protection clients provide mobile apps or web-based services.

We provide data protection support to clients offering healthcare, financial, recruitment, education, telecoms, real estate, entertainment, sharing economy, and e-commerce services.

Here are some of our awesome clients you can ask why…

GET IN TOUCH!

APPOINTMENT PLUS
£375 per month
  • appoint Aphaia as your DPO
  • regular compliance checks
  • a little extra help
THE ESSENTIALS
£500 per month
  • appoint Aphaia as your DPO
  • regular compliance checks
  • basic support, communication, and training
  • limited Data Protection Impact Assessment support
ADVANCED
£850 per month
  • appoint Aphaia as your DPO
  • regular compliance checks
  • one of our partners dedicated to you
  • loads of support, communication, and training
  • abundant Data Protection Impact Assessment support
  • additional perks such as NIS data breach notifications
PREMIUM
£1,050 per month
  • appoint Aphaia as your DPO
  • regular compliance checks
  • one of our partners dedicated to you to provide an initial response within one (1) working day
  • virtually unlimited support, communication, and training
  • abundant Data Protection Impact Assessment support
  • additional perks such as cyber security consultations and NIS data breach notifications