When do I need to appoint a Data Protection Officer?

An individual practitioner's customers' list might not constitute 'large scale' but a database of a popular website visitors or app users typically would.

Keep in mind monitoring is not just about real-world security cameras but includes all forms of tracking and profiling on the internet, including for the purposes of behavioural advertising such as by means of cookies or pixels

Such 'special categories of personal data include the data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation shall be prohibited.

Data Protection Officer outsourcing GDPR
outsourced data protection officer outsourcing

How do I benefit from having a Data Protection Officer? (even if it is nor mandatory for me to have one)

Am I doing everything right? We will remind you of the areas where compliance issues might arise, and ask you the right questions to identify and address any compliance gaps.

Concerned whether a particular aspect of your business practice, product, technology used, or analytics techniques complies with GDPR? You can always reach us at our Help Desk, conveniently located on our online collaborative board.

Where GDPR requires you to conduct a Data Protection Impact Assessment of your new technologies or data analytics techniques, we will guide you through the process and help you identify the right measures to mitigate the privacy impact - and improve your chances of complying with the law.

We are happy to take care of your necessary communications with the data subjects and the ICO (or another data protection authority), including in relation to a GDPR data breach. Note that our higher end DPO packages also include NIS data breach notification.

We will not only identify data protection training needs but also as part of our higher end packages provide basic privacy training webinars or workshops.

Why outsource my DPO? (instead of appointing an employee to act as my DPO)

People in your organisation who are sufficiently senior are highly likely to be in conflict of interest. Head of IT, CTO, Chief Data Officer, or Head of HR are most likely involved in choosing purpose and means of data processing, which would prevent them from acting as the DPO.

Outsourcing your DPO function to Aphaia will cost only a small fraction of a privacy professional's full-time salary. Depending on the package you choose, this might be somewhere between 5 and 30%.

Even if you hire a privacy professional, their expertise would be unlikely to match that of our partners and their support team.

Why should I pick Aphaia?

Almost 80% of our outsourced DPO clients have previously used our GDPR gap analysis & compliance roadmap services.

Almost 90% of our data protection clients provide mobile apps or web-based services.

We provide data protection support to clients offering healthcare, financial, recruitment, education, telecoms, real estate, entertainment, sharing economy, and e-commerce services.

Here are some of our awesome clients you can ask why…

APPOINTMENT PLUS
£375 per month
  • appoint Aphaia as your DPO
  • regular compliance checks
  • a little extra help
THE ESSENTIAL
£500 per month
  • appoint Aphaia as your DPO
  • regular compliance checks
  • basic support, communication, and training
  • limited Data Protection Impact Assessment support
ADVANCED
£850 per month
  • appoint Aphaia as your DPO
  • regular compliance checks
  • one of our partners dedicated to you
  • loads of support, communication, and training
  • abundant Data Protection Impact Assessment support
  • additional perks such as NIS data breach notifications
PREMIUM
£1,050 per month
  • appoint Aphaia as your DPO
  • regular compliance checks
  • one of our partners dedicated to you to provide initial response within one (1) working day
  • virtually unlimited support, communication, and training
  • abundant Data Protection Impact Assessment support
  • additional perks such as cyber security consultations and NIS data breach notifications