Our Services

Core Data Protection & GDPR Compliance

We work with you to align data protection principles with your day-to-day business activities from customer service and product development to marketing, HR, and internal governance. Whether launching new services, adopting new technologies, or scaling your operations, we ensure data protection is built in from the ground up.

Our approach includes practical staff training to empower your teams to handle personal data confidently and responsibly, reducing risk and building trust with your customers.

Ensure your business complies with UK GDPR, EU GDPR, and the Data Protection Act 2018 (as amended) through:

  • Gap analysis and compliance audits
  • Review and implementation of policies & procedures
  • Creation of data protection documentation templates
  • Tailored compliance strategies
  • UK/EU GDPR consultancy
Privacy by Design & Data Governance

Build a culture of privacy and proactively identifying and managing data risks

  • Privacy by design consultancy
  • Data protection impact assessments (DPIAs) – full lifecycle support for new or existing projects, systems and processes involving personal data.
  • Risk identification and mitigation strategy
  • Data mapping and records of processing activities (ROPA) – Help creating or reviewing Article 30 UK GDPR ROPA. This is a core accountability document that can be easily neglected or overcomplicated. JH Data Protection can offer ROPA templates. guided workshops as well as ongoing support.
  • Advice on transparency, accountability & governance
Contracts & Agreements

Secure your data sharing relationships with robust contracts.

  • Review and drafting of:
    • Data sharing agreements
    • Data processing agreements – required by law when data processors are instructed
    • Controller/Processor terms and clauses
  • Advice on working with third-party processors, independent or joint controllers
  • Privacy notice drafting & review
  • Lawful basis assessments
Data Subject Rights

Responding to data subject requests isn’t just a legal obligation — it’s an opportunity to demonstrate trust and transparency. At JH Data Protection Ltd, we provide expert support to help you manage and respond to DSRs lawfully, efficiently, and with confidence.

  • Assessing Requests Lawfully
    Guidance on recognising valid requests and identifying applicable rights (access, erasure, rectification, objection, etc).
  • Procedural Support
    Step-by-step advice on handling requests within statutory timeframes, including verifying identity and assessing exemptions.
  • Template Documents & Workflows
    Ready-to-use templates for acknowledgement, fulfilment, refusal, and extension notices — all tailored to your organisation’s tone and processes.
  • Redaction & Third Party Data Management
    Support with redacting documents and applying lawful exemptions, especially where third-party data is involved.
  • Training for Frontline & Back-Office Teams
    Empower your staff to recognise and escalate requests appropriately, avoid common mistakes, and respond consistently.
  • Complex & High-Risk Requests
    Consultancy support for sensitive cases involving special category data, safeguarding concerns, or legal privilege.
  • Audit Trail & Accountability
    Advice on maintaining appropriate records to evidence compliance and demonstrate your accountability to regulators.
Training & Awareness

Empower your team with the knowledge and confidence to collect, store, share and delete personal data:

  • Bespoke in-house or remote training sessions
  • General data protection training
  • Specific sessions on:
    • How to collect and share personal data lawfully
    • When do you need a privacy notice?
    • When do you need a Data Protection Impact Assessment?
    • Data subject rights handling
    • Data breach management
    • International data transfers
    • Privacy by design & accountability
    • Freedom of Information Act 2000 requests and Environmental Information Regulation 2004 requests
Data Breach Incident Response Support

When things fo wrong, we’re here to help.

  • Support responding to data breaches (investigation, notification, mitigation)
  • Advice on incident handling protocols
  • Liaison with the Information Commissioner’s Office (ICO)
Ongoing Support & Virtual Data Protection Officer (DPO) Services

Your trusted data protection partner, available when you need us.

  • Data Protection Officer (DPO) on retainer
  • Available for urgent advice and ongoing consultancy
  • Scheduled compliance reviews and support
  • ICO liaison and regulatory guidance
Website & Marketing Compliance
  • Cookie banner implementation and Cookie Policy drafting
  • PECR-compliant marketing audits (email, SMS, phone)
  • Consent and preference management reviews
  • Website privacy and consent UX audits
Innovative and Emerging Tech Support
  • Great for targeting fintech, AI, health tech, etc.:
  • Advice on AI, profiling, and automated decision-making (Article 22)
  • Support with DPIAs on emerging technologies
  • Horizon scanning for data protection risks in digital innovation

Privacy Notice

Cookies

Terms and Conditions

© 2025 JH Data Protection Ltd. Registered in England and Wales No. 16501012. All rights reserved.

Subscribe for updates

Join our mailing list and get notified when we release new articles, news and blog posts. No spam, we guarantee. Click on the Privacy Notice for more details.