The GDPR represents one of the greatest regulatory changes in how personal data is processed and stored.

The Intuity compliance consultancy team have designed a series of services that provide the insight and guidance needed to ensure ongoing observance of obligations.

With privacy-by-design at the core of all actions, our GDPR service includes:


Our consultancy team can be reached at or call 0818 987 900

Policy & Procedure Review

Core to our Compliance & Regulation offering in helping our clients with the GDPR is our Policy & Procedure review and update service. 

Following on from the initial data mapping exercise our consultant will look to review and update the policies & procedures required for compliance:

  • Undertake a review of current data protection policies in place.
  • Update your data protection policy in accordance with the requirements of GDPR, setting out your lawful processing criteria, consent management, subject access requests, data security breaches, retention of records etc.
  • Prepare Privacy Policy for website, privacy statements for employees, update application form online, and add email signature disclaimers.
  • Review current security and IT practices & procedures.
  • Identify and implement measure to satisfy privacy by design.


An initial set of policies to ensure compliance with regulation.

  • Data Protection and Record Retention & Destruction Policy
  • IT Usage Policy & IT updates
  • Employee privacy notice
  • Privacy policy for website

Contract Review & Vendor Management

To ensure GDPR compliance, companies must understand how and where vendors and processors manage client/customer personal data.

Our offering:

  • Identify third party vendors and processors and compile a master list.
  • Conduct an audit of vendors and processors and determine what measures they have in place to satisfy privacy by design.
  • Review existing vendor and processors contracts for GDPR compliance.
  • Assess and manage risks posed by vendors and processors.
  • Draft data processing agreements (DPA) and necessary addendums for vendors and processors to sign.


  • Supplier GDPR Readiness Questionnaire
  • Master list of vendors/processors
  • Risk register
  • Signed DPAs with vendors and processors
  • Service Agreements amended in line with GDPR

GDPR Awareness Training

I am text block. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.