GDPR Support

If you're not ready, we can help with that.

A GDPR workshop from ATG is the first step in understanding and achieving compliance.

Get FREE GDPR consultation

GDPR 101

GDPR is a new legislation being fully enforced in May 2018 and will replace the current Data Protection Act. The main objective of GDPR is to detail the current and newly enhanced, obligations and responsibilities organisations must follow in order to safeguard the data of EU citizens. Even B2B organisations, need to be treating their data. You now have less than a year to be fully compliant and put all the processes and system changes in place to ensure your meeting the standard.

The GDPR regulates the “processing,” which includes the collection, storage, transfer or use, of personal data about EU individuals. Any organisation that processes personal data of EU individuals, including tracking their online activities, is within the scope of the law, regardless of whether the organisation has a physical presence in the EU. Importantly, under the GDPR, the concept of “personal data” is very broad and covers any information relating to an identified or identifiable individual (also called a “data subject”).

The GDPR provides more privacy rights to EU individuals and places significant obligations on organisations. Some of the key changes are:

  • Expanded rights for EU individuals: The GDPR provides expanded rights for EU individuals such as deletion, restriction, and portability of personal data.
  • Compliance obligations: The GDPR requires organisations to implement appropriate policies and security protocols, conduct privacy impact assessments, keep detailed records on data activities and enter into written agreements with vendors.
  • Data breach notification and security: The GDPR requires organisations to report certain data breaches to data protection authorities, and under certain circumstances, to the affected data subjects. The GDPR also places additional security requirements on organisations.
  • New requirements for profiling and monitoring: The GDPR places additional obligations on organisations engaged in profiling or monitoring behaviour of EU individuals.
  • Binding Corporate Rules (BCRs): The GDPR officially recognizes BCRs as a means for organisations to legalise transfers of personal data outside the EU.
  • Enforcement: Under the GDPR, authorities can fine organisations up to the greater of €20 million or 4% of a company’s annual global revenue, based on the seriousness of the breach and damages incurred.
  • One stop shop: The GDPR provides a central point of enforcement for organisations with operations in multiple EU member states by requiring companies to work with a lead supervisory authority for cross-border data protection issues.

No, the GDPR does not require EU personal data to stay in the EU, nor does it place any new restrictions on transfers of personal data outside the EU. ATG's data processing addendum, which references our Binding Corporate Rules, Privacy Shield certification, and the European Commission’s model clauses, will continue to help our customers legalise transfers of EU personal data outside of the EU. See our FAQ on our data processing addendum for more information.

You can find out more and keep up-to-date on the legislation via our GDPR blog series.



Are you compliant yet?

Download our GDPR

Our GDPR Handbook is a great starting point for anyone wishing to understand the new legislation that is being imposed on businesses worldwide. Start your compliance and get your free copy now!

Download your copy now


Our phased Approach is broken down into these sections


Meet with all senior stakeholders and typically have a half day workshop to take them through the regulation and score this against their respective business.


Based on the awareness session, various individuals will have been identified as well as key staff, locations, systems, process etc. in order to conduct this work, which typically could be around 2 days


From the assessment, a gap analysis and roadmap will have been generated as a number of key outputs, and will form the basis of remediation this will be a multi-faceted activity requiring a combination of consulting, technology, and services.


After all areas are addresses, we potentially offer an on-going continuation service as part of retaining monitoring and controlling compliance, which can range from cyber to DPO

How can ATG help on your journey to GDPR readiness?

ATG offers comprehensive solutions, services and expertise to help support your journey to GDPR readiness.
There are five key areas that need to be addressed.


Data security plays a prominent role in GDPR.Our service equipts you to deal with the stricter obligations of the legislation such as data encryption and the ability to ensure ongoing confidentiality, integrity, avalability and resilience of processing systems and services.


Learn how to display your compliance within your day-to-day activities. Reasure your stakeholders that you value their data and the importance of it's safety. Consider what measures need to be taken, are they effective and how can you improve them.


Our all-inclusive cloud solutions keeps your data safe through a full range of protection capabilities. Data is stored within the UK and is easily accessible as it is easy to locate and erase at any point.

People, Processes and Communications

Implement a work ethic within the organisation, identifying the norms and values towards data handling/security. Employee's need to understand the risks and impact of improper data use.


We can assess the quality of the data you hold. Then advise you on how to use it in compliance with GDPR but how to interact with your individual customers, clients or third parties.

Challenges for business

  • Identifying how the new legislations specially applies to their organisation.
  • Implementing the neccesary areas or functions in the business.
  • Employee training on data handling.
  • Managing data subject requests.
  • Centralising data for multiple purposes.

Do I need Cyber Essentials for Defence Contracts?

Every business in the UK has a legal responsibility to protect any data they hold on individuals, a requirement which has become more important since ...

Five Reasons You Need Cyber Essentials

Cyber Essentials is a certification scheme available to all UK businesses. Jointly run between the National Cyber Security Centre (NCSC) and the UK ...

What's Next?

We would love for you to get in touch with us for more information or just to ask a question.
Why not choose one of the methods below?

Call Us!

01527 570535

Our experienced staff is on
hand for your queries

Email Us!

Our experienced staff is on
hand for your queries

Connect with us

Schedule A Call From Us

Schedule Chat Now!

click here for available times