top of page

UK GDPR Compliance Workspace

​​The UK GDPR Compliance Workspace is a centralized, audit ready environment that enables organizations to operationalize compliance with the UK GDPR, not just document it.

​

The Workspace translates statutory obligations into structured workflows, documented decisions, and preserved evidence, covering lawful basis determinations, data subject rights, records of processing (RoPA), security and breach management, and accountability requirements.

​

All actions and approvals are versioned, attributable, and exportable, providing a defensible system of record for ICO inquiries, partner assurance, and investor due diligence.​

UK GDPR

Rules & Regulations

To start, select the Tier

Waiting Room

Tier 1 — Foundation

​

£1200 / year

​

For startups, MVPs, early SaaS,

small controllers

 

Includes

  • UK GDPR compliance overview & obligations

  • Controller obligations checklist (Articles 5, 6, 24, 30, 32)

  • Basic RoPA generator (single product / system)

  • Lawful basis documentation per feature

  • Privacy Notice generator (UK GDPR + DPA 2018 aligned)

  • Manual DSAR workflow & log

  • Breach response checklist (72-hour workflow)

  • ICO-aligned policy templates:

    • Data Protection Policy

    • Privacy Policy

    • Incident Response Policy

 

Limits

  • 1 legal entity

  • 1 product / system

  • Manual evidence upload

  • No DPIA automation

​

“Suitable for organisations with low-risk processing and limited personal data volumes.”

​

Tier 2 — Operational Compliance

​

£4800 / year

​

For scale-ups, B2B SaaS,

data-driven businesses

 

Includes everything in Foundation, plus

  • Multi-system RoPA (Article 30 compliant)

  • DPIA decision engine + DPIA templates

  • Automated DSAR intake, SLA tracking & logs

  • Vendor & processor management:

    • DPA templates (UK GDPR)

    • Processor register

    • Annual review logs

  • Records of consent & legitimate interest assessments (LIA)

  • Evidence pack generation for:

    • ICO audits

    • Enterprise customers

  • Security & organisational controls mapping (Article 32)

 

Limits

  • Up to 5 products / systems

  • Up to 20 vendors

  • Evidence export (PDF / ZIP)

​

“Appropriate for organisations with regular processing, third-party vendors, or growth-stage risk exposure.”

​

Tier 3 — Audit-Ready / Regulated

​

£18,000 / year

​

For enterprises, fintech, health, AI, regulated sectors

 

Includes everything in Operational, plus

  • Full accountability framework (Article 24)

  • Automated DPIA & risk register

  • UK GDPR + international transfer management:

    • IDTA

    • UK Addendum to SCCs

    • Transfer Risk Assessments (TRA)

  • Role-based access & evidence ownership

  • Incident response runbooks + breach simulation

  • Audit-ready evidence vault:

    • Training logs

    • Policy versioning

    • Access logs

    • Encryption evidence

  • Board-level compliance reporting

  • External auditor / counsel access

 

Limits

  • Unlimited systems & vendors

  • Multi-entity groups

  • API / Manus workflow integration

Regulator framing

“Designed to demonstrate ongoing compliance, accountability, and risk governance under UK GDPR.”

​

Tier 4 - Add Ons

​

 

External ICO audit prep pack - £2,500 one-time

 

Custom DPIA for AI / high-risk processing - £1,500

 

Annual compliance health report - £1,000

 

DPO support (light advisory) - £600 / month 

​

​

​

bottom of page