Deep Dive Consultancy

In-depth Data Protection Analysis

Reduce Risk!

Our Deep Dive consultancy services are designed to deal with specific projects and/or to do a deep investigation of a particular Data Protection issue. This will allow you to develop a greater understanding of the issues and risks in a specific issue and to develop appropriate mitigation using our expert resources.

Why do I need a Deep Dive analysis?

Often information risk exists in areas where an organisation has insufficient knowledge or control over the information processes and either a) maybe you don’t have sufficient resources to dedicate to a detailed cross-organisational or lengthy project; b) you don’t have the expert knowledge required in the deep dive area or c) you prefer an independent third party review.

We call this a “deep dive” as the analysis is usually narrow in focus and deep in penetration.

Typical Deep Dive Scenarios

A good example of a deep dive audit project is when we are instructed to examine, map, and ensure the data privacy compliance of a consent/opt-in process for electronic marketing.

This will usually involve looking at several websites, spreadsheets, databases, and paper forms and engaging with email broadcasting, web hosting, mailing house, telesales and other companies with who you share your data. The ultimate aim is to ensure you are able to deliver your communications program, reviewing contractual arrangements or putting new agreements in place with those third parties, documenting processes, data flows, a privacy impact assessment etc. and even carrying out site inspections if required.

Other examples of our Deep Dive analysis projects include:

  • Analysis of Risk Register
  • Procedural Framework Investigation
  • Supply Chain Investigation & Review of Process and Procedures
  • Staff Training & Awareness Sessions
  • Using DataWise, either via a managed service or standalone subscription, the key information, findings and remedial actions from a Deep Dive investigation(s) can be integrated into the system for ongoing management and reporting purposes


Following the Deep Dive audit, you will receive a professional report with our findings and recommendations for the specific data protection compliance issues. The report will include a detailed analysis of the data flow, highlighting areas of concern along with remedial recommendations where necessary.

Click here to discuss how we can help you with Deep Dive.

Contact Us

Send us a Message

    We would like to use your contact information to send you marketing and promotional materials and special offers by email from time to time. We may only send information to you in this way with your consent. Please indicate whether you consent to us contacting you in this way for those purposes. You may withdraw your consent at any time by clicking the unsubscribe link in our emails.

    We are always happy to make contact with you by either phone, email or a face to face meeting at our office or yours. We work standard UK office hours – every week day 0830 to 1730.


    We have been receiving complaints over the last few weeks from people who have received unsolicited direct marketing calls from a company called The Protection People.  We should like to point out that we are Data Protection People and have nothing to do with those calls.

    We have been advising those people who have contacted us that they should make a complaint to the Information Commissioner’s Office (ICO) using this link  It would be helpful to the ICO if you knew the number that called you, the date and time of the call and what the call seemed to be about.

    You might also want to register your phone number with the telephone preference service (TPS), a national suppression service which should cut down calls of this nature as it is not lawful to make unsolicited direct marketing calls to numbers registered on the TPS.  You can register your number here

    We know that these kind of calls can be distressing and intrusive and you have our sympathy.  Please do not hesitate to contact us if you would like to discuss it with us otherwise we’d encourage you to report it to the ICO as notifying them of this kind of practice enables them to investigate and take enforcement action where necessary.  You can see the action that has been taken by the ICO here

    Data Protection People Limited – March 2021

    Latest Articles

    Age Appropriate Design

    The Age Appropriate Design Code of Practice (AADCOP) is an extension of the Data Protection Act 2018 that affects providers of information society services (services... Read MoreI

    GDPR Radio – News & Views

    Tune-in and listen to our latest episode of GDPR Radio! 🎙️ GDPR Radio is a series of events run by the DPP. It is a... Read MoreI

    PECR: Direct Marketing

    The Direct Marketing guidance in the Privacy and Electronic Communications Regulations (PECR) is 58 pages long and can be found on the ICO website. Alternatively, if you... Read MoreI

    Recent Cyber-Attack On Council’s: The Impact On Privacy Within Education Explained

    Several schools across Bristol have been left without access to their computers and essential personal data – after being targeted by cybercriminals. A spokesperson for... Read MoreI

    GDPR Radio – News & Views

    Click the link below to listen to our 3rd ever episode of GDPR Radio!  GDPR Radio is a new series of events from the DPP.... Read MoreI

    GDPR Radio

    Click the link below to listen to our second ever episode of GDPR Radio!  GDPR Radio is a new series of events from the DPP.... Read MoreI