Service

DPO-as-a-Service for AI companies

Ongoing data protection officer support on a monthly retainer. For companies running AI systems who need a practitioner who understands both the law and the architecture.

CIPP/E certified. Reachable. Documents your systems, advises on changes, handles breach notifications and data subject requests, keeps your CAR / DPIA / privacy notices current.

Book an introductory callSee sample deliverables

From £500/month. 12-month minimum. Quarterly reviews.

When you need this

One-off compliance projects work for one-off problems. Most AI companies have ongoing problems.

Your AI system keeps changing

You added a new vendor. Switched LLM providers. Pushed a feature that processes new data. Each change ripples through your DPIA, your privacy notice, your DPA register. A monthly retainer keeps it all current instead of producing one big mess every time you raise.

You're hitting GDPR Article 37 thresholds

You're processing personal data on a large scale or doing systematic monitoring. The regulation says you need a DPO. Hiring one costs £80-120K/year. A retainer covers the same role for a fraction.

You don't have time to keep up with enforcement

The ICO publishes new guidance. The EU AI Act phases in obligations. NDPC investigates a competitor. You shouldn't have to track all of this. Your DPO should — and tell you what changes for your business.

What's included

Documentation

  • DPIAs for new AI systems
  • Privacy notice updates as products change
  • Records of Processing Activities (Article 30)
  • DPA register and vendor reviews
  • EU AI Act technical documentation

Operations

  • Data subject access request handling
  • Breach response and 72-hour notification
  • Regulator liaison (ICO, DPC, NDPC)
  • Quarterly compliance reviews
  • Vendor due diligence on new AI providers

Advisory

  • Architecture review on new features
  • Pre-launch compliance checks
  • Monthly office hours (slack or async)
  • Regulatory horizon scanning

Designated DPO role

  • Named external DPO for your organisation
  • Listed on your website and registers
  • Reachable for staff and data subjects
  • CIPP/E credentials apply to your filings

Pricing

Foundation

£500

/ month

For small teams running 1-2 AI systems. Quarterly reviews, documentation maintenance, async advisory.

  • 2 hrs/month advisory
  • Quarterly compliance review
  • DSAR and breach support
  • Email response within 48 hours

Most chosen

Operating

£1,000

/ month

For active product teams shipping AI features regularly. Monthly reviews, full DPO designation, ongoing documentation.

  • 5 hrs/month advisory
  • Monthly review + horizon scan
  • Designated DPO role
  • Pre-launch reviews on new features
  • Slack / async access

Programme

£1,500

/ month

For companies with multiple AI products, multi-jurisdictional operations, or active regulatory scrutiny.

  • 10 hrs/month advisory
  • Bi-weekly reviews
  • DPO across UK + EU + Nigeria
  • Regulator liaison and audit prep
  • Priority response (24 hrs)

12-month minimum commitment. Quarterly invoicing available. Pricing fixed for the term.

Sample Deliverables

See the work before you buy

Blog posts explain the ideas. These sample deliverables show what the work product actually looks like.

Most useful for GDPR + AI buyers

Sample DPIA structure for an AI chatbot

A redacted outline showing the sections, risk analysis, and controls we include in a real AI-system DPIA.

View sampleDownload PDF

Quick proof of practical drafting

Sample privacy notice update

A before-and-after example showing how a privacy notice changes once an AI system is introduced.

View sampleDownload PDF

Useful before hiring any AI vendor

AI vendor due diligence checklist

A practical checklist covering DPAs, retention, subprocessors, transfers, security, and exit risk.

View sampleDownload PDF
Book an introductory call

Want to talk it through?

A 30-minute introductory call to see if there's fit. No obligation.

Book a call