Basic
Premium
Access to norm’s lawyer led DPO team who will provide information and advice about your legal obligations under GDPR and relevant national legislation to ensure business critical data protection & privacy risks and incidents are appropriately managed and escalated.
Lead on personal data breach response, management and resolution.
Advise and support your business in the fulfilment of Subject Access Requests (SARs), other data subject rights and Data Protection Impact Assessments.
Identify, interpret and advise on emerging data protection & privacy laws and cases.
Manage and conduct a review of your UK website(s) to identify any business critical ePrivacy compliance failures
Remediation or redrafting of your cookie policy if required
Manage and conduct an annual review of your data protection & privacy governance framework and submit an annual report to your Board
Drafting of the following bespoke data protection policies: Data Protection Policy, Privacy Policy, Data Retention Policy, Breach Management Policy.
Serve as the primary point of contact and liaison with the Information Commissioner’s Office (ICO) and other EEA Data Protection Authorities on all data protection related matters under the GDPR and relevant national legislation
Access to template policies to assist with compliance with relevant national legislation and GDPR where applicable.
Access to up to 10 webinars per year on the latest data protection & privacy news and developments.
‘Discovery Workshop’ to understand your business and how it processes personal data
Advice credits per month
4
UNLIMITED
Carry out a review of any proposed new legal contracts/agreements for compliance with GDPR
4 per annum
Analyse your current personal data processing operations and activities to ensure compliance with data protection & privacy laws, and where necessary, provide policies applicable to your business to achieve compliance.
Access to suite of online GDPR training modules.
Develop and deliver bespoke data protection & privacy training webinars to raise employee awareness and security issues, to ensure your data protection & privacy knowledge remains up to date, understood and tailored to your business needs.
2 per annum
Advice to help you embed data protection by design and default in all your internal processes and procedures
Annual review and revision of your data protection policies and procedures
Join, if required, your Security & Data Governance Committee (or equivalent)
Quarterly external vulnerability management scan to help ensure that your IT systems comply with security requirements of GDPR and relevant national legislation
Service availability hours – Monday to Friday 9:00 – 17:30hrs UK (excl. public holidays)
Personal Data Breach Service Availability – 24/7/365 with 4-hour response