GDPR Consulting For Small and Large Businesses

    Become GDPR compliant in a fast, affordable and professional manner

    Free GDPR assessment and implementation plan for SMB and start-ups

    If you represent a company with up to 250 employees or a start-up with a limited budget, we can assist you, completely free of charge, in taking the first and what is considered the most difficult steps towards GDPR compliance.

    What does the free service include?


    We will assess the profile of your company against GDPR to identify which requirements are applicable or not to your business.

    Identification of gaps

    We will identify the gaps, in terms of cybersecurity and GDPR requirements, that need to be closed to avoid non-compliance and data breaches. 

    Recommendations on corrective actions

    Based on the identified gaps, we will suggest corrective actions that need to be taken to reach compliance.  

    Implemetation plan

    We will draft an implementation plan, taking into account the results of the risk analysis. It will include a plan of actions and documents needed to reach and demonstrate compliance.

    Book the service directly at

    Choose Your Plan

    Implementation and auditing

    performed by certified experts

    with experience in data protection and information security


    EUR 495
    • Policies, procedures and forms tailored to your company's security profile
    • Documentation written according to relevant information security standards
    • Free Support on document review during 3 months


    from EUR 2000
    • Data mapping and classification
    • Risk assessment
    • Private Data Impact Assessment
    • Third party compliance
    • Security of personal data
    • Data transfers
    • Policies, procedures and forms
    • 3 months of free support after the implementation


    from EUR 1495
    • Policies and procedures check against cybersecurity best practices and GDPR requirements
    • Review of the DPIA, risk assessment, data mapping results, and other relevant documents
    • Security measures check
    • Recommendations on corrective actions

    DPO as a Service

    Appointing an external DPO

    (Data Protection Officer)

    For both EU and non-EU companies required to appoint a Data Protection Officer, but do not have internal staff to cover this position, ISO Cyber Academy provides DPO as a Service. This is an on-demand or fully outsourced service. 

    Appointing a DPO is mandatory for:

    • Public authorities or bodies 
    • Companies processing personal data regualry, on a large scale 
    • Companies processing, on a large scale, sensitive data or data related to criminal convictions/offences