Data Protection

Data Protection Policies and Procedures

The Data Protection Act 2018 and The General Data Protection Regulation 2016/679 (GDPR) affect all businesses.

Having policies and procedures in place to protect the data of those you hold information on is not just essential it is a legal requirement. Failure to adhere to the legislative requirements can render businesses liable for sanctions by their regulator or significant fines.

We work with businesses to implement an effective set of data protection policies and procedures that ensure the business has created the correct environment to manage, control and protect data.

Not every business can stop a determined data thief from taking data from their systems. The industry is littered with examples of complex systems being accessed by ‘hackers’ and data being stolen. However, if your business is exposed to data theft or data loss, the focus will turn to the policies and procedures you had and have in place to protect the data you hold.

If your business has not followed the necessary requirements of your regulators, negative legal consequences will follow.

AML and Compliance work with existing businesses to review their current approach to data protection. We aim to enhance this where necessary and assist start-up businesses or those which have not fully considered the impact of data protection. Our focus is to ensure that all businesses we work with understand and comply with the requirements of the legislation and therefore protect the data they hold. We ensure the businesses we work with have proportionate and sensible policies to actively demonstrate the efforts taken to control and protect data.

Data Protection Services

Our Data Protection and policy drafting services will provide a business with the following:

  • Policy writing, including
    • Client facing data protection policy
    • Internal data protection policy
    • Data protection and GDPR supervision policies
    • Dealing with a data breach
  • A data protection audit process which provides an annual health check of the data protection policies
  • Training to all staff on data protection and how it affects them
  • Data breach notification and investigation processes
  • Data breach registers and controls
  • Compliance officer procedures and general supervision


We provide a bespoke service that develops and delivers quality data protection policies and procedures that are proportionate and protect your business. We work with you, if needed, on an ongoing basis to protect your business, staff and clients.

To enquire about our Data Protection and GDPR services and how AML and Compliance can work with your business, you can call us on 0203 985 8553, email us at or complete an enquiry form.