Privacy & Information Security Consultancy Services

As a trusted national and global partner to small and medium-sized businesses, Real Code offers vast array of services on data protection and information security. We help businesses with privacy and information security compliance and beyond. We offer advisory, consulting and auditing services. Our experts have recognized General Data Protection Regulation (GDPR) accreditation and vast information security knowledge including  ISO27001 implementation and audits.

We can help you meet compliance with Data Protection Act 2018, GDPR and ISO27001  by scoping your compliance project, reviewing and auditing your current programmes, act as you DPO or UK privacy representative, set robust incident response plans and advice on any privacy and information security compliance issues.

Our experts have years of practitioner experience are with an approachable attitude and can offer best practice and pragmatic advice.

GDPR challenges

Managing personal data fairly, lawfully and transparently has been a legal requirement in the UK since the Data Protection Act of 1998, GDPR expands on the main principles and brings additional requirements like demonstrating board accountability and keeping data processing documentation. Personal data is no longer a company’s asset but a risk that needs proper management. Although experts have described this legislation as ambitious, exceptionally complex and harsh, applying the corrects controls will help your business grow and build customer relationships based on trust. Each business will have changes to make in their policy, processes and business contracts, as well as in technical and organisational compliance. In many cases, the required changes could be complex and significant. Failure to comply could result in businesses being fined up to 20 million euros or 4% of annual global turnover – whichever is higher.

How Real Code can help you meet your GDPR compliance and privacy programme?

We offer a DPO, a UK data representative and all aspects of privacy compliance services. Our qualified and experienced data protection experts can help your business with a variety of best-practice solutions, from evaluating your position in relation to GDPR compliance and building a roadmap, to compliance through to implementation of a best-fit data compliance framework such as BS 10012:2017, ISO/IEC 27001:2013  and ISO/IEC 27701: 2019 tailored to your individual business.

Why choose Real Code Ltd GDPR Consultants?

We understand the challenges small and medium-size companies face very well. Every business is different and we offer proportionate compliance programmes. The Real Code approach is to tailor the solution for you to meet GDPR with comfortable changes to your established processes. We do not shoe-horn you into a proprietary solution that might not fit well with your business or culture.

  • We have a qualified in-depth understanding of the requirements of GDPR and how to comply with them.
  • Our specialists have extensive international data protection and information security management project expertise.
  • Our consultancy proposals have fixed prices, so you won’t get any unexpected surprises.
  • Extensive range of GDPR services and security assessments, depending on the progress of your compliance programme.
  • Experienced team certified to industry-recognised qualifications including Certified EU General Data Protection Regulation Foundation and Practitioner (GDPR).
  • Improve your businesses overall operational and information security procedures.
  • Improve security awareness legal, IT, HR and other business functions must all be involved, with executive support.


The GDPR Audit / Gap Analysis would typically include: Submission of briefing notes and initial GDPR data capture document for the nominated representatives to complete prior to GDPR interviews; Undertaking GDPR interviews with key functional representatives, to establish existing processes, practices and controls in place for personal data and comparing these against the GDPR requirements, e.g. in relation to: Data Protection Principles Rights of Data Subjects Controller & Processor Obligations Transfer of data to third countries and/or international organisations -e.g.: Following the GDPR Gap Analysis interviews, we will produce a summary report, presentation of findings and recommendations as well as an associated GDPR Action Plan.

Request a call back

You’re uncertain how much your organisation complies with the GDPR
Get your detailed assessment showing your organisation’s current position regarding GDPR compliance, and your plan to address the gaps and risks. Click here to speak to an expert now
You’re not sure what personal data you hold or where it is stored
Get an inventory of the personal data held and shared by your business, and a data flow map of your organisational processes. Click here to speak to an expert now
You don’t know the data protection risks of introducing new systems or processes
Get an assessment of the data protection risks associated with your new process and a plan to mitigate discovered risks. Click here to speak to an expert now
You need help to implement your business GDPR compliance project
Get support adapting your existing data protection programme towards the new GDPR. This includes:

  • Data protection frameworks
  • Policies and procedures
  • Data processor management
  • Information security
  • Incident management
  • International data transfers
  • Compliance documentation

Click here to speak to an expert now

GDPR Training Pricing

Price per session, multiple sessions available per day. Please contact us to schedule training for your employees, our online post-training test with printable certificate offers proof that your employees have achieved a suitable understanding of the principles of GDPR.

Our leading data protection consultants will work closely with you to implement organisational and technological controls which can significantly reduce your data protection and cyber security risks, and enable compliance with any applicable UK, EU (including the EU General Data Protection Regulation) and international data protection laws and best practice standards.

Data Protection & Information Governance courses are delivered by our experienced team of data protection consultants that adhere to a methodical and systematical learning path to provide you the specialist knowledge, skills and qualifications that will help your organisation accomplish and maintain compliance with GDPR, Information Governance and Compliance Auditing.

To book a session or discuss our training please contact us.


Frequently Asked Questions

Are GDPR fines insurable?

In the UK, no. Of the 30 countries reviewed by Aon and DLA Piper, it turns out such fines are insurable in only two jurisdictions – Finland and Norway. In most countries, the answer seems an outright no, while eight countries are labelled as “unclear”.

Can GDPR be applied retrospectively?

You need to look carefully at all of your existing data processing activities to ensure you are compliant. Let’s say you use customer data for marketing purposes. Do you have specific consent for this? Is that consent clear, prominent, opt-in, documented and easily withdrawn? If not, you must improve your existing mechanisms to accomodate the GDPR.

How GDPR works

GDPR is designed to give individuals better control over their personal data and establish one single set of data protection rules across Europe.
Organisations outside the EU are subject to this regulation when they collect data concerning any EU citizen.

GDPR are you ready for it?

Know the key concepts and articles regarding GDPR
What to do for GDPR compliance now, use tools such as those on for this.
Assess GDPR compliance decide which steps to take next in order of ease and priority.
Website adjustments, adjust your site to make it compliant with the law, Real Code Ltd can help with this.
Discuss their GDPR compliance issues to consider with a qualified professional
Monitor and audit your data aquisition, usage and storage ongoing using tools such as those on