Data protection and GDPR services


Safeguard your client data


Businesses are increasingly reliant on valuable and high-quality data.

Protecting both internal and client data is the cornerstone of an efficient, proactive and compliant organisation.

Since the introduction of the General Data Protection Regulations (GDPR) in 2018, Ocorian’s compliance specialist subsidiaries, Newgate and Platinum Compliance, have been assisting clients globally with implementing clear and practical frameworks to help identify and manage risks to data protection.

Our wide experience across compliance, financial crime, risk monitoring and technology make us the ideal data protection services partner – we understand not only the internal workings of firms in this space, but also the inherent and emerging risks in the sector itself.


How we help


A Data Protection Impact Assessment (DPIA) is a process to help you identify and minimise the data protection risks of a project. You must conduct a DPIA for projects that are likely to result in a high risk to individuals’ data. We can assist.

Having assessed your data protection systems, policies and processes, we can work on improving the areas in need of attention.

We assist with the registration and reporting to the relevant Data Protection Commissioners. This includes drafting and oversight of GDPR manuals, EU model clause agreements, safe harbour arrangements, privacy notices and GDPR assistance.

The rules governing data management and handling can be complex and may require clients to dispose of older data. Our experts can quickly identify where you may be keeping data beyond the legal limit.

We understand that each business will have unique needs, so our flexible pricing model scales up or down to meet your requirements.


Why Newgate?

Expertise in data protection

We can help you draft a data protection policy, drawing on expertise from Newgate and across the Ocorian Group.

A client-centred approach

We understand that while data protection regulations apply across the board, each organisation has unique risks and needs. We go the extra mile to understand your specific needs.

Timely, ongoing reporting

Regulators are increasingly focused on how firms are maintaining their data resources. We work closely with you to demonstrate your continued commitment to compliance through reporting.


Data protection services

GDPR compliance

We will register and report to the relevant Data Protection Commissioner.

We provide drafting and oversight of

  • GDPR Manuals (Jersey)
  • EU Model Clause Agreements
  • Safe Harbour Arrangements 
  • Privacy Notices
  • GDPR assistance

Data risk assessments

We conduct data protection impact assessments (DPIA), data risk assessments and legitimate interest assessments around your firm’s data processing.

Data mapping analysis

We undertake a mapping process to ascertain what personal data you hold, why you hold it, where and how you hold it, how the data is accessed and who can access the data.

Monitoring program

We assist with the development of an efficient monitoring programme to ensure compliance with data protection.  In addition, undertaking periodic gap analysis reviews to ensure you remain compliant.

Data audits

We conduct annual independent data audits for your firms and its counterparties.

Policies, procedures and controls

We assist with the implementation or review of appropriate technical and organisational measures to ensure compliance.

Data training

We provide staff training around data protection, cyber security and fraud.

Impact assessments

We help to identify, assess and mitigate privacy risks in relation to data processing activity, particularly relevant prior to the introduction of new processes, systems or technology.

Privacy notice

Data protection requires transparency and the provision of accessible information to individuals about how their personal data is being used. We can help you to write a privacy notice to provide this information.

Provision of data protection officer

The DPO must have the freedom to act independently or in an independent manner. We can provide you with an outsourced DPO to develop, coordinate and manage your data protection requirements.

Bermuda and Cayman Islands data protection

We advise entities of their obligations under the Bermuda or Cayman Islands data protection regime including preparing or reviewing privacy notices/policies.


Get in touch

Get in touch to find out more about our services:

United Kingdom
+44(0)20 3696 8750

+44 (0)1481 725 775