Data Protection (GDPR)
Put your company’s data protection in order.
A little effort goes a long way to avoid huge risks.
from
€ 2,990
Is your business GDPR compliant and sustainable?
European data protection laws are constantly evolving. The General Data Protection Regulation, or GDPR, has raised data protection to the highest level of business risks, and the consequences for non-compliance can be severe.
Data protection means ensuring that a company takes care of the personal data and privacy of its customers, employees, partners and other stakeholders in a lawful and transparent manner. They all value the fact that their personal data is processed in accordance with the law.
Good data protection is an essential part of responsible business and corporate sustainability. Today, more and more customers, financiers and other stakeholders are demanding that all their partners comply with the data protection laws.
Top 5 data protection mistakes
There are common misunderstandings about data protection and privacy that no responsible company leader should make.
5
Don’t think that data protection is just a formality. If you neglect it, your customers and everyone else will notice, and they won’t appreciate it. Good data protection supports safe and sustainable growth.
4
Don’t think that drawing up a privacy policy is all that it takes. Lawful data protection requires internal processes, documentation and staff skills that should be tailored to your business. Once these are in place, you’re golden.
3
Don’t think that no one cares about data protection. Especially in Europe, a fast growing number of medium-sized and large customers as well as funders now require that every company that they do business with adhere to data protection laws. Looking after good data protection gives you a competitive edge.
2
Don’t think that you don’t process personal data and therefore don’t have to worry about data protection. Every company processes personal data of someone: customers, employees, directors, shareholders, funders, and business partners. Protecting your stakeholders’ personal data shows you respect them.
1
Finally, and most importantly: Don’t think that ensuring good data protection is an impossible or exceedindly expensive task. With professional help, you can set up compliant data protection with ease and cost-efficiency.
Start-ups and small growth companies also need to take care of good data protection
Today, an increasing number of medium and large customers, financiers and other stakeholders are demanding legal and ethical compliance from all their partners. Small companies often lose RFP’s and other tenders because they cannot demonstrate their compliance.
Both start-ups and growth companies should be proactive in ensuring high quality data protection when seeking funding or loans. Data protection is a key risk issue in due diligence done by investors and lenders.
Well managed data protection serves to strengthen your company’s valuation and to reduce risk premiums. Conversely, failure to protect personal data brings huge financial risks and raises “red flags” that can bring down a whole financing round. It’s important to act well ahead of time, as due diligence probes can go back as far as three to five years.
You get these benefits
- Compliance: After the service, your company’s data protection activities will comply with the law. Under the hood, everything is in pristine condition, and you’re ready for a possible data protection audit by the authorities.
- Scalability: We’ll build a functioning data protection organisation and processes for your company to ensure that your data protection activities and compliance are monitored and supported, now and in the future. Lawful data protection will not be a vague or mysterious topic anymore as your key people will gain a clear and practical understanding of it.
- Demonstrability: We’ll document and draw up a report on the compliance of your company’s data protection activities. This documentation will demonstrate your diligence in taking appropriate measures.
- Staff skills: Your staff will appreciate the importance of data protection, and each of your employees will understand their role in ensuring compliance with data protection law. Your staff will be adequately equipped to comply with the law in their daily tasks.
- Sustainability: By ensuring that your data protection practices are compliant and implemented correctly and effectively in the day-to-day operations of your business, you’ll ensure the secure and lawful processing of personal data of your customers, employees, partners and other stakeholders. This is essential to ensure the sustainability of your business.
A professionally built data protection program is the cornerstone of any business that respects its customers, employees and others. Taking care of data protection is part of corporate responsibility.
What's included
- Assessment: We’ll map your company’s level of data protection and help you make corrections. We take a practical, stakeholder-driven approach based on your business needs. We start with a comprehensive initial information survey and management discussion to get an accurate and adequate picture of your company’s data protection practices.
- Management skills: We’ll advise your company’s upper management on what exactly data protection is about and how best to organise its legal implementation in practice. The managers will be equipped with effective tools for leading your data protection activities.
- Managers’ guidance: We’ll develop a comprehensive and practical guide for your management, which will enable each front-line employee to monitor and support legal data protection practices in their area of responsibility.
- GDPR organisation: We’ll set up a compliant data protection organisation in your company so that the legal implementation of data protection can be monitored and supported internally.
- Documentation: We’ll draw up the necessary documents and registers that the law requires your company to keep. Depending on the level of service, the documentation includes, for example, a data processing activity register, privacy policies, necessary impact assessments, data processing agreements and legitimate interest balancing tests.
- Staff training: We’ll guide your staff in the legal data protection practices, taking into account the circumstances of your business. Depending on the level of service provided, we will hold a workshop or training session for your staff to ensure that everyone in your work community understands the importance of data protection in your business and can take care of data protection in their own work.
- Final report: We’ll document the improvements made to your data protection and produce a final report. This report will demonstrate that your company has taken the necessary steps to ensure legal data protection practices.
- Compliance monitoring: If you wish, we’ll monitor your company’s data protection performance for up to 12 months.
- GDPR certification: If you wish, we’ll help your company prepare for formal data protection certification.
Data protection program tailored to your growth
Data protection is one of the biggest challenges facing responsible business today. Failure to do so can be very costly. It is important that your company respects the right to privacy of all stakeholders.
Every company should strive to ensure that data protection is well managed. The sooner a compliant privacy policy is integrated into the day-to-day operations of a company, the easier it will be to scale the business safely and sustainably.
We build our service around the actual operations of your business so that your data protection practices actually meet the requirements of the law and the needs of your business.
Prices
Choose your service level
Start Up
Scale Up
Grow
For startups and small companies with limited data processing activities.
Revenue € 200,000—500,000
Less than 10 employees
E.g. a small expert consultancy that processes mainly B2B clients' basic personal data.
For small growth companies with regular data processing activities.
Revenue € 500,000—1,500,000
Employees 10—20
E.g. a growing IT services company that processes B2B clients' and employees' personal data.
For companies with large-scale or high-risk data processing activities.
Revenue > € 1,500,000
More than 20 employees
E.g. a SaaS or platform company that processes a large amount of user data or sensitive data.
€ 2,990
+ vat
- Data protection assessment survey
- Tailored privacy policy
- Data Processing Agreement template for you
- Transfer safeguard instructions for you
- Data Transfer Agreement template for you
- Staff GDPR training module
- Data protection manager's manual
- Final report
- Add-on: Record of data processing activities
The service includes one data subject group of your choice (e.g. your customers). For extra groups add € 350 each + vat.
You can buy tailored data processing activities records for one or more data subject groups (e.g. your employees). Add € 640 each + vat.
— OR —
€ 4,990
+ vat
- Broad data protection assessment
- Tailored privacy policies
- Tailored DP Activities Record (1 pc)
- Data Processing Agreement template for you
- Transfer safeguards surveys (10 pcs)
- Data Transfer Agreement template for you
- Balancing tests (3 pcs)
- Staff GDPR seminar (1 h)
- Data protection manager's manual
- Final report
- Add-on: GDPR Certification Ready
The service includes a maximum of three data subject groups of your choice (e.g. your customers, employees and website users). For extra groups add € 460 each + vat.
The service includes a Data Processing Activities Record for one data subject group (e.g. your employees). For extra groups add € 580 each + vat.
— OR —
€ 7,990
+ vat
- Broad data protection assessment
- Tailored privacy policies
- Tailored DP Activities Records
- Data Processing Agreements drafted (10 pcs)
- Transfer safeguards assessment (30 pcs)
- Data Transfer Agreements drafted (10 pcs)
- Balancing tests (10 pcs)
- Impact assessments (DPIA and DTIA)
- On-site staff GDPR workshop (2 h) *
- Data protection manager's manual
- GDPR compliance monitoring 12 mo (12 h)
- Final report
- Add-on: GDPR Certification Ready
The service includes a maximum of five data subject groups of your choice (e.g. your customers, employees, board members, contractors and website users). For extra groups add € 780 each + vat.
* On-site in Helsinki region (other regions for an extra fee).
— OR —
Prices
Choose your service level
Start Up
For startups and small companies with limited data processing activities.
Revenue € 200,000—500,000
Less than 10 employees
E.g. a small expert consultancy that processes mainly B2B clients' basic personal data.
€ 2,990
+ vat
- Data protection assessment survey
- Tailored privacy policy
- Data Processing Agreement template for you
- Transfer safeguard instructions for you
- Data Transfer Agreement template for you
- Staff GDPR training module
- Data protection manager's manual
- Final report
- Add-on: Data Processing Activities Record
The service includes one data subject group of your choice (e.g. your customers). For extra groups add € 350 each + vat.
You can buy tailored data processing activities records for one or more data subject groups (e.g. your employees). Add € 640 each + vat.
— OR —
Scale Up
For small growth companies with regular data processing activities.
Revenue € 500,000—1,500,000
Employees 10—20
E.g. a growing IT services company that processes B2B clients' and employees' personal data.
€ 4,990
+ vat
- Broad data protection assessment
- Tailored privacy policies
- Tailored DP Activities Record (1 pc)
- Data Processing Agreement template for you
- Transfer safeguards surveys (10 pcs)
- Data Transfer Agreement template for you
- Balancing tests (3 pcs)
- Staff GDPR seminar (1 h)
- Data protection manager's manual
- Final report
- Add-on: GDPR Certification Ready
The service includes a maximum of three data subject groups of your choice (e.g. your customers, employees and website users). For extra groups add € 460 each + vat.
The service includes a Data Processing Activities Record for one data subject group (e.g. your employees). For extra groups add € 580 each + vat.
— OR —
Grow
For companies with large-scale or high-risk data processing activities.
Revenue > € 1,500,000
More than 20 employees
E.g. a SaaS or platform company that processes a large amount of user data or sensitive data.
€ 7,990
+ vat
- Broad data protection assessment
- Tailored privacy policies
- Tailored DP Activities Records
- Data Processing Agreements drafted (10 pcs)
- Transfer safeguards surveys (30 pcs)
- Data Transfer Agreements drafted (10 pcs)
- Balancing tests (10 pcs)
- Impact assessments (DPIA and DTIA)
- On-site Staff GDPR workshop (2 h) *
- Data protection manager's manual
- GDPR compliance monitoring 12 mo (12 h)
- Final report
- Add-on: GDPR Certification Ready
The service includes a maximum of five data subject groups of your choice (e.g. your customers, employees, board members, contractors and website users). For extra groups add € 780 each + vat.
* On-site in Helsinki region only (other regions for an extra fee).
— OR —
Get a brochure for full details
Request a brochure for the Data Protection (GDPR) package
When you send this form, we’ll handle your personal information as is described in our privacy policy.