Do I really need GDPR or data privacy support?

Yes, if your organisation handles personal information about anyone (customers, clients, employees, volunteers), you have legal obligations under the GDPR. But it doesn’t have to feel complicated or scary! I can help you meet those obligations with practical, human-centred systems that work for your business, not against it.

I’m a small charity / non-profit / values-led business. Is this relevant for me?

Absolutely! Whether you’re a community project, ethical small business or not-for-profit, GDPR applies if you process personal data. My approach is tailored to the size, mission and existing systems of your organisation. You won’t get generic templates or unnecessary bureaucracy, just frameworks that are ethical, compliant and manageable.

Why should I worry about this when so many other organisations don’t bother?

It’s true, and I totally get it! Plenty of organisations cut corners or ignore data privacy altogether. And yes, they might “get away with it” for a while. But building your business on that kind of luck isn’t sustainable or ethical.

Data privacy is ultimately about trust. It’s about showing your clients, customers or community that you take their personal information, and their confidence in you, seriously. Doing the right thing protects your reputation, strengthens relationships and sets you apart from competitors who take shortcuts.

Compliance isn’t just a legal obligation; it’s an act of respect. When you treat people’s data with care, you show integrity, and that’s something that can’t be faked.

What does “ethical, human-centred data privacy” mean?

It means building your privacy systems around respect for people and your values, not just legal compliance. You’ll know exactly what personal data you’re collecting, why and how it’s protected. Your clients and supporters can trust you, and you can focus on the work that matters most, all without drowning in policies or paperwork.

How does The Privacy Lighthouse help with GDPR compliance?

I offer hands-on support tailored to your organisation, including:

• Designing bespoke GDPR frameworks that fit your existing tools and processes

• Reviewing and improving your data collection, storage and sharing practices

• Simplifying privacy notices, consent forms and internal documentation

• Embedding privacy and ethical data practices into your business culture

No one-size-fits-all templates, no hidden charges and no scaremongering. Just clear, actionable guidance.

How much time and effort will this take?

That depends on your starting point. Some organisations already have a privacy framework in place and just need focused support to refine and implement it. This typically takes around 6–10 weeks. Others are starting from scratch and need a complete framework built and embedded, which can take 10–14 weeks or more, depending on the scope of work. My goal is always to make the process as simple, transparent and collaborative as possible. I do the heavy lifting — researching, drafting and building — so you can focus on your mission. All I ask is that you’re open, responsive and ready to work together towards a privacy approach that truly fits your organisation.

I’ve downloaded free GDPR templates before, so why do I need you?

Free templates can be a useful starting point, but that’s all they are. They’re generic, surface-level documents that rarely reflect how your organisation actually works. True data privacy compliance isn’t about filling in blanks; it’s about embedding good data practices into your culture and systems.

I design tailored privacy frameworks that go beyond paperwork, helping you build practical, sustainable processes that are compliant, ethical and easy to maintain. In short, templates give you documents; I help you create a privacy programme that actually protects people and supports your mission.

How does this support my organisation’s mission?

Good data privacy builds trust with your clients, supporters and team. By embedding data privacy and ethical practices into your organisation from the start, you show that you respect people’s data, and your mission benefits from that credibility.

How do I get started?

Simply book a free consultation via the button below, or submit your questions via the contact form. We’ll discuss your organisation, your current processes and how I can support you with a GDPR framework that works for your values and your workflow.