Data Protection Compliance

Crimson Crab are expert at keeping you ethical, legal and responsible, thus freeing up your time and resources so you can get on with the job in hand.

Data Protection Compliance Guidance

If you would like to know the steps to take to comply with the rules please register for our series of email guides here.

GDPR guide for Data Controllers and Data Processors

These guides have been developed to help controllers and processors understand the steps they need to take to comply with the law. Access is £10 per guide and you can request access here.

Set Fee Assessments

Each assessment looks at a specific area of data protection compliance. The assessment is made against a red, amber, green traffic light, using tools supplied by the Information Commissioner’s Office and a comprehensive report of the steps to take to assure compliance is provided. The topics covered are:

  • Data Protection for Data Controllers (A Data Controller decides the purposes and means of processing personal data)
  • Data Protection for Data Processors (A Data Processor processes data on behalf of a Data Controller but is not an employee of the Data Controller)
  • Information Security
  • Direct Marketing
  • Records Management
  • Data Sharing and Subject Access
  • Use of CCTV

Price £120 per assessment (excluding travelling over twenty miles).

Get in touch to organise your assessment(s).

Subscription Services

Knowledge Overview

Business owners and senior people do not have time to keep up to date with developments in data protection best practice. We offer regular information on:

  • The latest Data Protection practices
  • Changes in the law and consultations
  • ICO conferences and events
  • ICO enforcement action

Price £10/month for 12 months minimum subscription.

Get in touch to organise your access.

Frequently Asked Questions

Questions pop up from time to time and it’s not always easy to find an answer. We can give access to a knowledge base with the answers to frequently asked questions about data protection issues.

Price £10/month for 12 months minimum subscription.

Get in touch to organise your access.


  • Induction training for new members of the team
  • Update training (as required) for all team members
  • Yearly competence assessment in Data Protection and Information Security

£330 per day or £200 per half day plus travelling.

Ask about our portal service for which there is an annual subscription of £30 for up to 10 users, each additional user is £2. For each use of a course there is a charge from £5 depending on the content. The portal can be made bespoke to the business if required in which case the annual subscription is £80 for up to 40 users.

Get in touch to organise your access.

Primary Point of Contact

Act as the main route for contacts with the Supervisory Authority using pre-agreed processes. Where additional work is required this can be carried out at our normal consultancy fees i.e.;

  • DPIA requests
  • Data subject complaints
  • Working with ICO audits or inspections

£10 per month for a minimum of 12 months

Managing and monitoring the processes for Data subject rights requests

  • Respond to subject access requests (SAR’s)
  • Co-ordinate deletion requests

£50/month for a minimum of 12 months. Subject to a maximum of 2 requests per month.

Get in touch to organise your access.


Data Protection Policy

A policy will help you address data protection in a consistent manner. This can be a standalone policy statement or part of a general staff policy. The policy should clearly set out your organisation’s approach to data protection together with responsibilities for implementing the policy and monitoring compliance. The policy should be approved by management, published and communicated to all staff.

Get in touch for your free, no obligation quote for producing this document.

Privacy Notice

Being transparent and providing accessible information to individuals about how you will use their personal data is a key principal of the Data Protection legislation. The most common way to provide this information is in a privacy notice.

Get in touch for your free, no obligation quote for producing this document.

Website Data Protection

We will provide a bespoke ‘Privacy Notice’ and set of ‘Terms of Use’ for a website, for £149. Please note this does not cover the entire data processing activities of the organisation.

Get in touch to organise the production of these documents.

Consultancy Services


Sometimes there is a question that cannot be resolved easily. We can provide an email helpline providing direct answers to business specific queries and questions on data protection matters.

£25/month for 12 months

Get in touch to organise your subscription.

Manage Data Protection Activities

For example:

  • Carry out/advise on Privacy Impact Assessments
  • Develop an information asset register
  • Carry out Internal Audits on procedures
  • Bespoke policy and, or process development (and implementation)
  • Penetration testing for websites and networks.

Get in touch to find out more.

GDPR – Data Protection Officer

For most businesses this is a non mandatory role, but it still may be useful to appoint a Data Protection Officer to your business. Read more…

If you can’t find what you want please don’t hesitate to get in touch to find out how we can help…

Crimson Crabs wave for ethical, legal and responsible trading, telephone 02392637190, email or click here to contact us