GDPR and Data Protection Consultancy

In order to help your organisation fully comply with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA), URM has one of the strongest and most experienced teams of data protection consultants, who have completed a wide range of engagements in the UK, Europe and globally.

Within the UK, we have a dedicated team serving the London and South East region. Our mission is to assist you comply with the requirements of the GDPR and DPA in the most effective and pragmatic manner.

With over 15 years data protection consultancy experience, we are able to offer a host of tailored services, from a data flow workshop (identifying the key touchpoints in your organisation for personal data) and a gap analysis (identifying what you need to do in order to comply with the GDPR and DPA) through to a full-blown Virtual Data Protection Officer’(DPO) Service and Interim DPO Service.

Adopting a risk-based approach, our GDPR consultancy services will enable you to fully understand what GDPR risks your organisation faces and what your priorities should be in terms of remediation activities.

Renowned for providing pragmatic and clear advice, our GDPR consultants can help you achieve full compliance with the Regulation and the DPA and deal with issues such as:

auditing, audit, compliance, assessment

Developing Effective and Appropriate Documentation

Such as records of data processing activities (RoPA), data retention schedules, privacy notices, policies and processes.

compliance, iso compliance, iso certification, shield, cyber secure

Dealing with Data Breaches

iso test, iso consulting, virtual dpo, cyber essentials,

Developing and Delivering Training and Awareness for All Staff, Including DP Champions

certification, certified, security certification

Conducting Data Protection Impact Assessments (DPIAs)

iso plan, iso implementation, implementing iso, gdpr implementation, gdpr consulting, pci services, pcidss services

Responding to Data Subject Right Requests

One of the most effective ways of demonstrating to your clients and stakeholders how well personal data is to develop and certify your personal information management system to BS 10012:2017.

This is another area where our GDPR and data protection consultants can provide you with pragmatic and tailored services to achieve certification.

Should your organisation already be certified to ISO 27001, our dual information security and data protection consultants are ideally placed to help you develop an integrated information security and privacy information management system that complies with ISO 27701.

What People Say About us

We engaged with URM to help us define and implement our UK Data Protection and Data Privacy framework and supporting processes for our specialist lending operation.


From the outset they took the time to understand us and demonstrated an understanding of our business model and a great depth of technical knowledge.


They were commercial in their approach to this complex area and were able to cut through the jargon, explain issues clearly and concisely and implement a working model to suit our business.


They helped us design and implement our framework within budget and on time, no small feat given the logistics of collaborating with our Australian colleagues. We would be happy to work with them again and engage across their wider business offering.

Let our GDPR and Data Protection experts help you!

More about GDPR and DP

GDPR and DP Training

Consultancy Services

About URM

Follow us on