GDPR “Kickstart”

Our GDPR “Kickstart” fees start from €5K

“Kickstart” is based on our unified data privacy framework. It is practical, cost-effective, and has GDPR and e-Commerce traceability

GDPR Kickstart outputs

  • A report of your current state of personal data protection
  • Gap report of your current state against our unified privacy framework
  • Road-map to compliance
  • Board papers for estimated cost and effort
  • Compliance action plan
  • Project brief

Are you part of a Small and Medium size Enterprise (SME) with a limited budget?

Do you need to become GDPR compliant but aren’t sure how to do it?

If so, our GDPR Kickstart solution may be what you need.

What is GDPR Kickstart?

GDPR Kickstart is a plain-speaking and straightforward approach for GDPR implementation.

GDPR Kickstart uses our unified data privacy framework and operating model with 100% traceability to the regulation.

Download a brochure.

GDPR compliance mission

Achieving GDPR compliance is not rocket science. The regulation tells you in clear language what you need to do:

“the controller (your organisation) shall implement appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed per this Regulation.”

Holistic compliance

GDPR Kickstart gives you a structure that provides evidence to your data privacy regulator (Supervisory Authority) that you have taken the regulation seriously.

A framework built on experience

The knowledge behind our holistic GDPR model derives from implementation.

Our unified data privacy framework adresses the organisational and technical measures required by the GDPR.

An accepted model

Our unified data privacy framework was accepted into risk and compliance at a prominent insurance company and has since been accepted by other sectors like commercial real estate and rental, digital piracy detection and software development as an appropriate structure to evidence GDPR compliance.

How GDPR Kickstart works

  1. GDPR Kickstart adapts to your needs.
  2. GDPR Kickstart adapts to your size.
  3. GDPR Kickstart adapts to your budget.

You identify the elements you think you need, and we do the rest.

You choose how you want to resource the implementation.

For small businesses, GDPR Kickstart fees start from 5,000 EUR.

GDPR Kickstart elements

  1. GDPR Stakeholder fact-finding
  2. GDPR Maturity assessment report
  3. GDPR Tasks, descriptions & instructions
  4. GDPR Artefact templates
  5. GDPR Implementation and oversight

More details about GDPR Kickstart

Our GDPR unified data privacy framework is in use. It is tried, proven and verifiable.

GDPR Kickstart was born out of the need for an SME* to demonstrate GDPR due diligence and assume complete control upon implementation.


GDPR Kickstart comprises the following:

  1. GDPR Initial Findings – stakeholder identification, Heads of Department questioning, findings from answers and other contributions
  2. GDPR Maturity Report – details of results, gaps against the benchmark model, proposed solution and high-level tasks
  3. GDPR Task List – task list assigned to staff members/business areas
  4. GDPR Task Descriptions – a description of each task: what is it, why it is needed and how to deliver
  5. GDPR oversight – regular check-points to assess progress and apply corrections as and when necessary
  6. GDPR implementation – governance, operating model, risk integrated compliance structure, standards, procedures, basic training, all required regulatory artefacts


Your project will use our in-use, proven and verifiable GDPR unified data privacy framework.

Our Kickstart service is an initial five-day maturity assessment comprising: a maturity assessment report and a high-level plan with task assignments.

The tasks are assigned to internal staff members or external implementation contract staff that we can provide. Each task includes implementation instructions and templates.

GDPR Kickstart allows for fortnightly (or more frequently if requested) half-day follow-up calls or visits over the agreed duration (usually 2 to 3 months) to ensure that the work is complete.

Delivery to show compliance

GDPR Kickstart delivery enables any organisation to demonstrate that it has undertaken work and delivered evidence to support GDPR articles 5.2 – “Accountability” and 24.1 “Responsibility of the controller”, which states:

“the controller (your organisation) shall implement appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed in accordance with this Regulation.”

Risk monitoring

Our GDPR unified data privacy framework is a structure that will fit into an enterprise risk framework and operates under standard compliance practices. It is a practical, pragmatic, risk appetite-based solution that should meet the needs of all organisations regardless of size or location.


SME means Small and Medium-sized Enterprises. An SME is usually a business with less than 250 employees.

data protection controls

Data Protection Controls

Head Office

Calle de la Caléndula 93, Miniparc III, Edificio E, 28109, Alcobendas, Madrid, Spain

Call us

+34 915 553 975