✓ Practical GDPR for EU SMEs

Audits, implementation, and ongoing support.

Practical GDPR Compliance For EU SME's & Organisations

Stop guessing about GDPR. Get a clear snapshot of your business / organisation or website, practical implementation in simple language you can actually use with your team.

Get Started Free website compliance snapshot

Designed for micro and small businesses · Works with WordPress, Shopify, custom builds, and more.

How your GDPR journey with us works

We keep things simple: one clear snapshot, one focused implementation, and optional ongoing support.

•
1. Free website snapshot
We scan your website and map obvious GDPR issues: cookies, tracking, notices, and forms.
•
2. Compliance Meeting
A focused day after meeting to fix high-priority items: cookie banner, policies, records, and key processes.
•
3. Ongoing monitoring
Optional ongoing checks and updates as your tools or website change.

Become Compliant

Full process including template reveiw & creation may require more time

Start learning

Understand the core building blocks of GDPR

These short guides explain the essentials in plain language. Each page links directly to templates and services you can use right away.

Explainer

What is GDPR?

A plain-language overview of the General Data Protection Regulation: who it applies to, what it covers, and what happens if you ignore it.

Read the overview →

Explainer

GDPR requirements for your business

The concrete obligations most small businesses face under GDPR: records, legal bases, notices, and security.

See the key requirements →

Explainer

The 7 GDPR principles

Lawfulness, fairness, transparency, purpose limitation, and other core ideas that shape every GDPR decision.

Learn the principles →

Explainer

GDPR data subject rights

Access, erasure, portability, objection and more: what people can ask you to do with their data, and how to respond.

Understand the rights →

Explainer

Controllers and processors

When are you a controller, when are you a processor, and why does it matter for contracts and liability?

See controller vs processor →

Explainer

Lawful bases for processing

Consent is not the only option. Understand the six lawful bases and which ones fit typical SME scenarios.

Explore lawful bases →

Hands-on support

We don't just give you PDFs. We sit down and fix things with you.

Many GDPR tools stop at auto-generated policies or dashboards. We focus on real-world implementation: mapping your tools, adjusting your consent flows, documenting decisions, and training your team.

✓
On-site or remote GDPR audits designed for small teams and owner-led businesses.
✓
Cookie and tracking compliance that actually matches how your site and analytics work.
✓
Privacy notices, policies, and records built from your real data flows, not generic templates only.
✓
Support for DSARs, complaints, and questions from regulators or customers.
✓
Optional ongoing check-ins as your tech stack and website change.

GDPR Audit details Compare all services

Typical clients: 2–50 staff, EU-based, online-first, using tools like Google Analytics, Meta Ads, HubSpot, Shopify, WordPress, or custom stacks.

Service

Micro-business GDPR audit

A focused review for solo founders and micro teams. Understand your current risk and get a simple action list.

Service

One-day compliance implementation

One intensive day to align your website, notices, and key processes with GDPR in practice.

Service

Monitoring & support

Lightweight ongoing support for questions, updates, and changes in your tools or website.

Tools & templates You Need

Use practical checklists and templates as you implement GDPR

Start with a quick checklist, then go deeper with DPIA templates, data processing agreements, and breach response forms, each one crafted specifically for your business, not a generic template.

Checklist

GDPR compliance checklist

A step-by-step list of common GDPR tasks for websites and small businesses.

View checklist →

Template

DPIA template for small teams

A simple, structured impact assessment template you can actually complete without a law degree.

What Is DPIA? →

Template

Data processing agreement template

A starting point for controller–processor relationships tailored to typical SaaS and service providers.

Use the DPA template →

Form

GDPR data breach form

Capture the details you need if something goes wrong, so you can respond quickly and correctly.

See breach form →

Prefer to have someone walk through this with you? Contact Us and we'll use these tools together.

Who we help

Focused on EU small and digital-first businesses

We work with founders, operations leaders, and in-house marketers who need GDPR to be clear, practical, and aligned with real-world tools.

Industry-specific guides

Each guide explains typical data flows, tools, and risks for your industry, with example records and checklists.

Small businesses

Owner-led companies, agencies, and local service providers.

Ecommerce & D2C

Shops using Shopify, WooCommerce, and custom carts.

SaaS companies

B2B SaaS with product analytics, marketing automation, and CRMs.

Healthcare & clinics

Handling sensitive health information and appointment systems.

Financial services

Advisors, accountants, and fintech tools operating in the EU.

Recruitment & HR

Agencies and internal talent teams managing candidate data.

Country-level context

The GDPR is EU-wide, but each country has its own regulators, guidance, and practical expectations.

GDPR in Belgium

Working with the Belgian DPA and local guidance.

GDPR in the Netherlands

Key points from the Dutch data protection authority.

GDPR in Germany

What to know about stricter expectations and Länder DPAs.

GDPR in France

Practical guidance and examples from CNIL.

GDPR in Ireland

Important if you rely on Irish-based tech providers.

GDPR in Denmark

What Danish SMEs typically face in practice.

FAQ

Common questions from founders and small teams

These are the questions we hear the most before an audit or compliance day. If your question isn't here, ask us directly.

Do I really need GDPR if my business is small?

Yes, if you target or serve people in the EU and handle personal data, GDPR applies. The way you implement it can be proportionate to your size, but ignoring it completely is risky.

Can I just install a cookie banner plugin and be done?

A banner alone isn't enough. You need to understand which tools set cookies, which legal bases apply, and how to reflect that in your notices and records. We help you map this properly.

Do you work with my existing lawyer or IT team?

Yes. Many clients have a lawyer or IT partner already. We focus on practical implementation and documentation, and can coordinate with your existing advisors.

How long does a typical GDPR project take?

A basic micro-business audit can be completed in days, with a compliance day scheduled shortly after. More complex stacks can take longer, but the goal is always to give you fast clarity and a clear plan.

Can you act as our external DPO?

In some cases, yes. In others, we provide a "DPO-style" monitoring and advisory service without formally being named as your DPO. We'll discuss what makes sense for your size and risk profile.

What does the free website snapshot actually include?

We look at your live website, cookies and tracking, consent flows, forms, and key notices. You get a short, practical summary of issues and a proposed next step. No hard sell, no obligation.

Ready to stop guessing about GDPR?

Start with a free website snapshot, then choose whether you want a one-day implementation or a full audit. We keep it practical, focused, and in plain language.

Book a GDPR audit Get free website snapshot

Transparent pricing · Remote or on-site in the EU · Designed for small and growing teams.