Menu
These include data protection training, data protection impact assessments (DPIAs), managing data subject access requests (DSARs), dealing with personal data security breaches, professional advice and practical support to state bodies, private companies and multinationals.
We are proud to partner with the International Association of Privacy Professionals (IAPP), the world’s largest and most comprehensive global information privacy community, to provide training services.
We are delighted to announce that Pembroke Privacy has joined forces with some true leaders in data protection and cybersecurity to form Strand Advisory, a new data protection consulting firm with a global reach. Our clients can still benefit from our local expertise and relationships, while also gaining access to our global colleagues. We are very excited about this global expansion of our business. Our motto, “making the complex clear” remains an integral part of who we are, and we hope to share that in a global marketplace.
This training course takes place over one day and will be delivered live and online via Microsoft Teams.
Raising awareness through training is also crucial to demonstrating compliance and accountability. Our team of data protection specialists have a wealth of experience in the provision of data protection training and workshops.
All our training is currently provided live online.
We provide a full suite of data protection services to support your organisation’s data protection strategy, including building a privacy framework, data protection impact assessments, personal data security breach management support, advice on managing data subject rights and guidance on compliant direct marketing approaches.
Through this interactive self-paced online course we can bring our in-depth knowledge of data protection directly to you in your workplace or at home.
We have worked with a third-party supplier to create a rich interactive training course with high production values. Our programme is unique and packed full of features including in-vision presenters, professional voice over artists, interviews on camera, case studies, animations, interactive tasks and quizzes.
*Available for individuals and organisations
Pembroke Privacy’s generic e-learning course will assist your staff’s understanding of, and compliance with, data protection law and the GDPR. The benefit of an e-learning course is that participants can attend at their own time, it can be used to train new staff and re-used for refresher training and it saves the DPO valuable time to undertake her/his many other tasks.
The Pembroke Privacy team has a wealth of experience in providing GDPR training “in-house” and via e-learning. We can now bring our in-depth knowledge of data protection to life for your staff with this interactive e-learning course.
We draw on our team’s extensive knowledge to develop a best-practice approach to every new data protection issue. Pembroke Privacy has also invested in technologies and tools that allow us to run every project efficiently and cost-effectively. This, along with our commercially-focused and results-oriented delivery style, ensures our clients gain maximum value from our services.
Founded by Kate Colleary, who led the data protection team in a global law firm for many years, Pembroke Privacy brings together a group of 15 expert data protection consultants who have a collective 25 years of experience in this specialised field. We blend our expertise with a practical, hands-on approach and deliver pragmatic, results-driven services.
We develop technologies and processes to make our work more efficient so that our clients gain the benefit of our team’s significant expertise delivered in a cost effective and efficient manner. We have developed products and tools, such as our gap assessment / compliance review process and our e-learning products to ensure that we can meet clients’ expectations in a rapidly changing technical environment.
The General Data Protection Regulation (GDPR) came into effect on 25th May 2018. It sets out rules for how organisations process personal data and requires us all to be able to demonstrate compliance with data protection law. Many organisations have undertaken a “GDPR gap assessment” which helps them identify areas that need improvement. They can then use this assessment to create a GDPR project plan and identify what technical and organisational measures to put in place.
The GDPR applies to the processing of personal data by automated means as well as to manual processing if the personal data are contained in a filing system. As most businesses and organisations process personal data, it is likely that the GDPR will apply to you.
The first step on the road to compliance is to carry out a data protection assessment of your organisation to identify any gaps in compliance and corresponding risks. A detailed project plan with clear tasks, responsibilities and timelines will assist you on your compliance journey.
In certain cases, organisations will have a statutory obligation to appoint a DPO. For example, where there is regular and systematic monitoring of individuals on a large scale. It is up to each organisation to assess whether it is required and if so, the organisation must register the DPO with the Data Protection Commission.
A Data Protection Impact Assessment (DPIA) is an assessment which is carried out on a new project, product, service or processing activity to determine whether the proposed new data processing poses any risks to the rights of the individuals whose personal data is being processed. The aim is to identify risk and implement measures to reduce or eliminate the risk. In certain cases, there is a statutory requirement to carry out a DPIA.
While is it important that you protect personal data from accidental loss, destruction or damage and against unauthorised or unlawful processing, security is just one of the principles of the GDPR. You must also make sure you are compliant with the other data protection principles.
Consent is just one of the lawful bases for data processing and not always the most appropriate one to rely on. You should review the lawful basis for each of your data processing activities and decide which one applies.
