Consulting engagement

Data Protection Impact Assessment

A structured risk assessment for data processing activities that are likely to result in high risk to individuals, as required by UK GDPR Article 35.

Deliverables

What you receive

Systematic description of the processing
Assessment of necessity and proportionality
Risk identification and scoring (likelihood x severity)
Risk mitigation measures
Consultation recommendations (ICO referral if required)
Completed DPIA document ready for records

Engagement

Three scopes to choose from.

Single Processing

One new product feature or data use

Timeline · 1 week

Enquire

Multi-Processing

New product launch with several high-risk activities

Timeline · 1-2 weeks

Enquire

Complex

AI/ML system, large-scale profiling, sensitive data

Timeline · 2-3 weeks

Enquire

Ideal client

Who this is for

Any organisation launching a new product, feature, or processing activity involving personal data -- especially if using AI, biometrics, profiling, or children's data.

FAQ

Frequently asked

GDPR Audit

A structured review of your organisation's data processing activities, policies, and controls against UK GDPR requirements.

Learn more

Privacy by Design

Technical and process review of a product or system to ensure privacy is embedded from the design stage, not bolted on later.

Learn more

Ready to get started?

Tell us about your organisation and we will scope the right engagement for you.

Start a conversation

Data Protection Impact Assessment

What you receive

Three scopes to choose from.

Single Processing

Multi-Processing

Complex

Who this is for

Frequently asked

When is a DPIA legally required?

Can I do a DPIA myself?

Related services

GDPR Audit

Privacy by Design

Ready to get started?