General Data Protection Regulation

From helping you understand what the impact of the General Data Protection Regulation will be on your business, right through to implementing and managing ongoing compliance, Gordian is there.

Are you an Australian business with a website using analytics or cookies to profile users, including those in the EU?
Do you offer to sell products or services to people in the EU, including through your website?
Do you have a presence in the EU?
If the answer is yes to any of these, then the new European privacy law, GDPR, applies to your processing of that data.
Are your customers asking you to be GDPR compliant?
Do you want to demonstrate gold standard privacy compliance, building trust and respect with your customers, suppliers and employees?
Then GDPR is coming to your business!
With fines of up to 4% of global turnover or €20 million, whichever is the larger, you must comply.

Our offer

With over 10 years' experience providing specialist technology law and privacy advice to Australian businesses, we can provide a specialist privacy service that ensures your business is protected and compliant under the GDPR.

GDPR Representative services
Designed to comply with Article 27

Do you need GDPR Representative services? Find out here

We are proud to have assisted in the development of a web-based GDPR Representative Service portal designed to provide a low-cost, professional, GDPR-compliant EU representative service for our clients. This service is provided by Juksta GDPR Representative Limited, Ireland and includes a 30 day free trial.

Please review the available plans below and refer to the Juksta GDPR Representative Service website for additional information or to sign up to this new service.

Basic
Ideal for small companies and sole traders that offer goods or services to a small number of individuals in the EU or who monitor behaviour of a small number of individuals in the EU (e.g. website analytics of a small business website).
  • An EU presence in Ireland. (Suitable for enquiries from all EU Member States).
  • Customer care portal to allow GDPR personal data requests.
  • Management portal to allow you to store and respond to requests.
  • Fee includes up to 5 personal data or supervisory authority requests per month.
  • Additional requests only 2 euros each.
  • Translation services provided using Google Translation API. Manual translation available at additional cost.
€29 Monthly fee

No setup fee. Free 30 day trial.
12 month subscription after free trial.

Business
Ideal for small to mid-sized companies with a larger customer base of EU individuals receiving their goods or services or who monitor behaviour of a larger number of individuals in the EU (e.g. website analytics of a larger traffic website).
  • Everything included in the Basic plan, plus:
  • Fee includes up to 25 personal data or supervisory authority requests per month.
  • Additional requests only 1.50 euro each.
  • Customised notifications and escalations including by SMS.
  • Service level escalations to help manage SLA requirements for completion of requests.
  • Activity reports and exporting of requests.
€69 Monthly fee

No setup fee. Free 30 day trial.
12 month subscription after free trial.

Corporate
Ideal for medium to large companies that have a significant customer base of EU individuals receiving their goods and services, monitor behaviour of a larger number of individuals, or have additional corporate governance policy requirements they must fulfil.
  • Everything included in the Business plan, plus:
  • Fee includes up to 100 personal data or supervisory authority requests per month.
  • Additional requests only 1 euro each.
  • Complete branding of your request portal, including use of CSS.
  • Additional layer of authorisation before requests are responded to, suitable for QA, management or legal sign off.
  • Audit logging of all actions made within the application, including the user, timestamp and the action undertaken.
€249 Monthly fee

No setup fee. Free 30 day trial.
12 month subscription after free trial.

DPO As a Service
Designed to comply with Articles 37-39
Low
Ideal for small companies with a straightforward privacy environment.
  • Awareness training
  • Management briefings
  • Monitoring of compliance programs
  • Data protection impact assessments
  • Record keeping monitoring
  • GDPR personal breach notifications and Australian Privacy Act data breach notifications
  • Requests from individuals who are exercising their rights
  • Liaison with the Supervisory Authority

Any services that exceed the monthly number of hours. This may include work on data protection impact statements, personal breach notices or disputes.

$1,250 Monthly fee
For up to 2 hours of services per month.
Additional services at time and materials rates.
Minimum term 12 months.
$1,000 set-up fee.
Regular
Ideal for medium-sized companies or companies with more complex privacy environments (e.g. profiling users' behaviour, special category data, dealing with children or criminal records).
  • Awareness training
  • Management briefings
  • Monitoring of compliance programs
  • Data protection impact assessments
  • Record keeping monitoring
  • GDPR personal breach notifications and Australian Privacy Act data breach notifications
  • Requests from individuals who are exercising their rights
  • Liaison with the Supervisory Authority

Any services that exceed the monthly number of hours. This may include work on data protection impact statements, personal breach notices or disputes.

$4,800 Monthly fee
For up to 8 hours of services per month.
Additional services at time and materials rates.
Minimum term 12 months.
$2,000 set-up fee.
High
Ideal for larger organisations or companies with more complex privacy requirements (e.g. processing large amounts of personal data, significant processing of special category data, auto-decision making, public area surveillance, etc.).
  • Awareness training
  • Management briefings
  • Monitoring of compliance programs
  • Data protection impact assessments
  • Record keeping monitoring
  • GDPR personal breach notifications and Australian Privacy Act data breach notifications
  • Requests from individuals who are exercising their rights
  • Liaison with the Supervisory Authority

Any services that exceed the monthly number of hours. This may include work on data protection impact statements, personal breach notices or disputes.

$8,000 Monthly fee
For up to 16 hours of services per month.
Additional services at time and materials rates.
Minimum term 12 months.
$4,000 set-up fee.
Why Gordian?

For over a decade, Australian businesses have trusted Gordian to provide specialist technology law and privacy advice.

Our Services
With more than 10 years' experience in providing specialist technology law and privacy advice to Australian businesses, the Gordian group of companies can provide you with a specialist privacy service.
Multi-Disciplinary, Multi-Location Team

Let our team of experts, including lawyers, project managers, information management specialists, based both here in Australia and in the EU, turn GDPR compliance into business advantage.

Compliance Programs
We can help you work out what is needed to comply with GDPR and then support you by providing a custom GDPR compliance program.
Gordian Privacy runs public courses in GDPR compliance that are ideal for those who are new to GDPR, and those who want more detailed information.
Gordian’s Representative Office is the link between the EU Supervisory Authority and your local Australian business that meets the requirements of Article 27.
As part of a compliance program, or as a standalone service, we offer an outsourced “DPO as a Service” that meets the requirements of Articles 37-39.