Data Protection and GDPR

In this Information Age business transactions are increasingly conducted electronically and personal information about customers are held digitally. As such, customers are taking their privacy more seriously and are unlikely to do business with an organisation that does not comply with data protection principles or have robust security systems in place to protect their personal data from unauthorised access or data security breaches, including cyber security.

AVLA Business Services specialise in helping organisations comply with data protection laws and avoid financial penalties or compensation claims by ensuring that robust data governance systems are processes are in place, by:

  • providing Data Protection Officer (DPO) advice and support services

  • carrying out Data Protection Impact Assessments (DPIA)

  • embedding a data protection culture across your organisation by designing and delivering training for staff so that they understand how to apply data protection principles, prevent and respond to data breaches

  • mapping data flows across your organisation and compiling GDPR compliant record of processing activities

  • advising on data retention, disposal and record (paper and electronic) management

  • advising and supporting data breach investigations and action planning

  • assisting with Data Subject Access Requests from customers, including carrying out redactions of documents

  • drafting policy and procedure to comply with legal, regulatory requirements and fulfil business needs


Our services are delivered remotely or onsite and are adapted to the needs of your organisation