With the new General Data Protection Regulations and the Data Protection Act 2018 becoming law, the problem facing many organisations is who will ensure compliance throughout the organisation, deal with breaches, subject access requests, data impact assessments, update policies.

Data Protection Officers (DPO) are a further expense on a business, good ones are difficult to find and often a business does not need an in-house or full time appointment.

If a business has a DPO, what happens when they are ill, or on extended leave?

Combining our unique skills from a legal, commercial and marketing background Affinity Resolutions can act as an external DPO.


Acting as an external Data Protection Officer

We have extensive experience acting as external DPO for a wide range of organisations in many sectors. We provide advice and assistance on all aspects of data protection.

Temporary cover can be provided for long term sickness, maternity leave, or the gap between in-house appointments.

We will also provide assistance to an internal compliance officer or data lead if an organisation is not required to appoint a DPO, but wants the peace of mind of professional back up.


Drafting Documentation

Many businesses and organisations require documents such as policies and procedures. In addition, data sharing agreements and processor agreements are now required as businesses in all sectors gear up to be GDPR compliant.

We draft all types of data protection agreements, policies and procedures at a competitive rate.

We bring:

  Extensive commercial experience of guiding an organisation through regulatory change (public or private sector)
  A thorough understanding of GDPR and its practical application
  Ability to advise on legal matters relating to the regulation
  Significant practical experience of reviewing business policies, processes and specifying solutions for remediation
  Excellent verbal and written communication skills and the ability to interact professionally with a diverse group at different levels within the organisation
  Excellent stakeholder management with an ability to establish and maintain a high degree of confidentiality, respect, trust and credibility
  Ability to effectively communicate data protection risks to non-experts
  A cost effective solution



All businesses and organisations need to ensure that appropriate training can be accessed. It is often difficult to find the right training at the right price.

We can train on the following topics:

GDPR – it is imperative to ensure that all members of an organisation understand the importance of treating data with respect. Our GDPR training provides an in depth overview of the law, and uses case studies relevant to your organisation which illustrates the implementation of data protection regulations.

Confidentiality – most members of an organisation understand the need for confidentiality. However, there are times when this can conflict with GDPR principles. Our training gives a comprehensive understanding of the rules of confidentiality and looks at confidentiality against the backdrop of GDPR and the Human Rights Act.

What we do:

  We will discuss with you, your specific requirements and write a bespoke course for you.
  We will travel to your premises and deliver the training on site or at a venue organised by you.
  At the end of the session, each delegate will be given a handout for future reference.