We use cookies to help us to improve our site and enable us to deliver the best possible service and customer experience. By clicking accept or continuing to use this site you are agreeing to let us share your data with third parties in accordance with our privacy policy. Learn more

General Data Protection Regulation

GDPR Compliance

The General Data Protection Regulation (GDPR) became enforceable on 25 May 2018 and affects all organisations that handle personal data of EU residents. In order to avoid being fined 4% of your annual turnover, it is important to ensure you are compliant – we are here to help!

signing a contract
upward shot of aluminium architecture
Laven helps clients with GDPR gap analysis, preparation, adaptation of policies & procedures and online training.

The GDPR GAP Assessment

Laven will assist your Firm in the analysis of the type of data it manages and processes as well as how information is transferred across jurisdictions. The analysis is a key requirement of the GDPR under article 35 which requires organisations to asses all of their data processing activities and their impact on the protection of personal data. Our analysis reviews the ways your Firm currently processes/manages data and breaks down each process and client data collection points, the corresponding workflow, and where these need to be adapted for GDPR. Our review includes reading your policies or related procedures as well as staff and departmental interviews. We then advise on action points, and how to update and/or create policies in order to comply with the GDPR.  You can also purchase a template assessment excel based report to carry out your own assessment.

Laven can review the results of any work already done in relation to scop


Laven offers a full remediation plan which covers GDPR compliant policies & procedures which are bespoke to your Firm. This will continue to involve team members from relevant departments, focused on the data protection officer, compliance officer or chief information officer to ensure that all Firm’s processes are captured within the policy documents. Your policies can be stored, and any changes audit trailed within Laven’s compliance software if desired. Draft templated notices, which you can work on independently, are also available via the button below.

The GDPR Data Flow Analysis is tailored to the firm’s circumstance following the impact assessment.

Privacy Notice

Our policies include, where required, your Firm’s draft notice which is a document required by article 13 and article 14 of the GDPR, which provides individuals with clear and transparent information on how your Firm processes their personal data. Laven will create bespoke privacy notices to address your client base and employees which will highlight your compliance with the requirements of the GDPR principles of lawfulness, fairness and transparency. Draft templated notices, which you can work on independently, are also available via the button below.

We can also carry out a Gap Analysis to identify where updates are required for your Firm to be compliant with the GDPR.

GDPR Software

Once you have all the appropriate documentation in place the GDPR also requires firms to demonstrate compliance and accountability through record keeping. Laven’s GDPR compliance software is designed to streamline the process of monitoring and record keeping in line with the regulation to ensure time frames and the principles are met. It includes fully searchable registers to ensure that monitoring is efficient. Draft templated policies, which you can work on independently, are also available via the link below.

Laven can adapt existing policies & procedures to align them with the GDPR.

GDPR Training

Your Firm must ensure that the personnel working with personal data are trained appropriately in this area. The Privacy by Design principle expressed in article 25 of the GDPR requires the Firm to implement appropriate technical and organisational measures to ensure security for any Personal Data. Training is a key part of that. Further, the GDPR aims to change the culture around the handling of Personal Data within organisations and that is impossible without effective training.

Laven offers other regulatory online training courses.

Laven have created a GDPR monitoring plan it to ensure that the core steps detailed in your policies and procedures are carried out.

Data Protection Officer (DPO) coaching programme

The role of DPO may be conducted by an existing employee of your organisation alongside his/her existing duties. Laven can help you specify the role and responsibilities of a DPO; including one-on-one coaching for any incoming or existing DPO to ensure that they understand the extent of their responsibilities. Moreover, the same training may be offered to organisations which appoint a person responsible for data protection, without appointing a DPO.

European Union flag

EU and UK Representation

We offer EU representative (EuroRep) services to non-EU firms, enabling proactive GDPR compliance with little to no interruption. EuroRep will be your Representative in all European member states, and the point of contact for customers and authorities in the EU regarding privacy. If you are an EU-based company and hold data on UK citizens the Information Commisioners Office (ICO) will require you to have a UK Data Representative.We have a long history of data privacy expertise and work openly with specialised consultants to ensure our clients' peace of mind.

Contact Us

We are here to help. Contact us today to find out how we can assist your firm.

Tower bridge view at night