The EU's new data protection regulation is complex to understand and implement. GDPR365 reduces the risk of non-compliance by giving each company an intuitive cloud-based hub with customised, thoughtful workflows to simplify the compliance process by organising it into clear, simple and assignable tasks.
In May 2016, the European Union (EU) passed an EU-wide data protection regulation known as the GDPR. It goes into effect on May 25, 2018. The GDPR regulates how companies protect the personal data of EU data subjects (EU citizens and residents). It will introduce disruptive challenges for many organisations. The regulation will impact an organisation’s legal, compliance, information security, marketing, engineering, and human resource practices.
The law protects EU data subjects. It extends beyond the EU's borders and affects companies without offices or data centres in the EU. Any organisation offering goods or services in the EU, collecting data on EU data subjects or employing EU residents will have to be compliant.
Many organisations are ill-prepared, but May 25, 2018 is approaching fast. Organisations urgently need to allocate budget and resources to implement the required governance processes and controls, case management tools and infrastructure security to achieve compliance. Failing to do so carries a high risk. Penalties for non-compliance can include fines of up to €20 million or four percent of worldwide annual turnover, whichever is higher. Failure to comply can also cause serious damage to a company’s customer and partner relationships, public image and brand value.
Companies don’t have a plan to be ready for GDPR*
Companies have not started GDPR implementation**
Companies who say they do not understand what they need to do to comply with the GDPR.***
Are You Ready for GDPR?
GDPR, which replaces a data protection directive that dates from 1995, does not officially take effect until 25 May 2018, following a two-year transition period.
When it comes to being compliant with a regulation of this scope, early is on time, and on time is too late.
Data security solutions and other prevention technologies are only one part of compliance. Governance practices, operational processes, and staff awareness and training are also critical.
The first steps in developing compliance are to get management buy-in and then to map how your organisation processes personal data.
Based on a self-assessment and data mapping exercise, GDPR365 generates governance documentation and customised data protection tools.
An intuitive interface and thoughtfully constructed compliance workflows simplify the compliance programme and organise it into clear, simple tasks. The cloud-based hub improves company-wide collaboration, so you don’t have to worry about your compliance effort cascading quickly into a mountain of tasks, emails, spreadsheets, meetings and frustrated staff.
Reports provide visibility and accountability with complete oversight of all compliance issues. Tools to manage subject access requests, data breach incidents, records of processing, and client and employee notices reduce the regulatory risks. Compliance continuity is ensured because the cloud-based hub stores the audit records of your organisation’s efforts.
The 3 P's of Compliance
The 123DPO Compliance Journey
Data Mapping, Planning and Training
Map how an individual's personal data is processed by your organisation. GDPR365 customises your governance documentation and data protection tools.
Invite the team and staff members who will implement the plan to GDPR365 and assign responsibilities. Begin staff awareness and training on the GDPR.
Work through your compliance checklists. Finalise and publish your governance policies. Review consent processes and publish your notices. Implement your data subject requests and data breach management processes. Review and revise your processor and data sharing agreements.
Schedule quarterly reviews of ongoing processes such as processor and data sharing partners, breach incident management, data subject requests and employee education.
Days until Enforcement of GDPR will commence in the UK (as of 16th November 2018)
Hours within which an organisation must report a data breach
€ Million or 4% of global turnover - potential penalties for violations
Meet the people that are going to take your compliance to the next level.
Head of Compliance
Detail-oriented and always focused.
Head of Client Services
Curious, tech-geek and gets serious when it comes to work.
Enthusiastic and passionate, with a great sense of humor.