Virtual DPO Services

Flexible packages for short, or long term solutions to the Data Protection Officer conundrum.
Our most popular program was built for small to mid size businesses that are not mandated to have a DPO but are desirous of having access to such knowledge yet find it a cost prohibited luxury.

  • 1 full day per month for 12 months
  • Unlimited questions at any time (reasonable use of course)
  • Priority support in case of data breach
  • Use of our DPO email if desired
  • Use of our name as your assigned DPO if desired

Flexibility is key to everything we do. We can bring forward service days to assist when times are busy. This may be during the first months as we agree a plan for the coming 12 months, review the current status, introduce elements such as Record of Processing Activity (RoPA) and Data Protection Impact Assessments (DPIA). You may already have all the elements in place and need a trusted, skilled source to review the processing of records, any DPIA's, Legititmate Interest Assessment (LIA), data retention reviews etc.

We are happy to have an informal chat, and/or to provide customer references as appropriate.

Did you know that a website should display a ‘Privacy Notice’ not a ‘Privacy Policy’.

Your privacy policy should be specific to your organisation with highly detailed information on procedures and products as used in your organisation. It should be confidential to your company as hackers welcome that sort of information as a good starting point.

The first, and possibly best, piece of advice we have given to all our customers is ‘don’t lose any data’. This stacks up well when another of our teachings is considered – ‘the ICO are not looking for you’.

The second piece of advice is that ‘compliance is not possible’ and anyone offering to ‘make you compliant’ needs to be shown the door as they for sure have no genuine comprehension of the regulations and are only looking to extract cash from your wallet.

Think back to pre-25th May 2018 when consultants, companies and product vendors alike attempted to frighten us all by claiming a 4% of turnover fine would be the punishment for not purchasing their services or products. Who has egg on their faces now? Although plenty of them made lots of money using that tactic so probably don’t care much anyway.

We assist and encourage UK GDPR and DPA2018 adherence rather than compliance. A small matter of semantics but very important.

We bring pragmatism to the table and encourage a balance of risk and investment.

We openly point out that the ICO have publicly stated that they wish to work with companies rather than fine them. That is provided the company can be seen to have taken some steps, appropriate for their size and industry sector.


IT consulting, cyber security, services and supply. 100+ years experience in IT including CISO, CTO, procurement, marketing and technical sales. Our core philosophy is one of honesty and integrity. Since our foundation in 2014 we have not lost a customer....a good reason to give us a call.


  Amalfi Technology Consulting Ltd
25 Watchetts Drive, Camberley. GU15 2PQ

  01276 786102