Challenge

What challenges were you and your team experiencing prior to working with us – what prompted you to seek a solution? We were a fast-growing business that focuses a lot on people data. Because we didn’t have anyone dedicated to looking at it, we felt we had a compliance risk. A Data breach for us would be the worst thing given the nature of our work, so it was really important for us to take a strategic approach to our obligations and get it right. We also had time restraints as no one had time to dedicate to data protection and no one was formally trained within our business to look at it –  so it was an easy solution for us to outsource and gain a level of knowledge we wouldn’t be able to afford ourselves.

If you’re experiencing similar challenges within your organisation and you’re unsure whether to hire a DPO internally or to outsource, we have a really useful article that will help you make that decision: Should you outsource your DPO? 

How did you go about searching for the solution and services? We did an initial Google search, and got a couple of quotes from organisations that offer similar services to Evalian.

Please describe the reasons you decided to work with us. Evalian seemed really personable, it wasn’t a decision based on cost – more so the ease of the sales process, everyone was quite factual, and there was no hard sales pitch. Evalian very much came in and said “don’t worry we’ve done this before, we know exactly what is needed for your organisation”.

Did you have any expectations going into the process? I didn’t have any expectations as such as we hadn’t had the service before. When GDPR first started we had a consultancy do a compliance audit for us, so I expected something similar. The support we got from that audit was basically a list of things to get fixed. But Evalian has done an audit and supported us through how to improve our compliance and focus on the areas that needed more work so that sort of end-to-end support has been what we needed.

Solution

Can you describe the process we took your business through and anything you learnt about your own business through working this way? We had an initial Gap analysis, and Evalian got up to speed with our business and objectives. We are growing very quickly and going into new markets frequently, initially, it was with projects in the UK – but now we work globally and Evalian works with us on that, looking at it with fresh eyes and a whole new strategy.

The process has felt relaxed in that Evalian gives us all the information we need, and it is presented in an easily readable format so we know what the priorities are. We meet Ravi monthly, at a minimum which keeps us on track. It’s helpful to have those regular check-ins and the nudges we need sometimes to keep things moving forward. That constant support is what you want from an outsourced DPO partner. Ravi was there when we created the Mauritius entity, supporting us to get the documentation together, and it’s been a smooth process. We also have financial services clients who have very high standards but everything passed straight through the first time so we’re really grateful.

Were there any challenges you found along the way and how did you feel we or your consultant, helped to support you through that? The challenges for us were really just the resources from our side and getting enough time needed to focus on everything. There haven’t been any other challenges – any policies we need, Ravi provides us with the relevant templates to start from, so it’s felt like a straightforward process.

What changes did you make as a result of working with us? We definitely have a better awareness of data protection compliance. Everyone gets trained by Evalian through the online GDPR course, which has been really good. Because we’re talking about our policies and processes monthly, it’s constantly on the agenda and it reminds us to talk to the wider team. We don’t change anything without checking with Ravi first to ensure everything is correct, and if there’s something to pick up, Ravi will find it, which is exactly the level of service we need and takes the pressure off.

Impact

What has been the most significant achievement for your business facilitated by using our services? The biggest thing is probably now having that confidence in our compliance obligations. You think you’ve got everything together, but until an expert has been through it and said “yes everything is correct” then you’re never really 100% sure. Because our data is such an integral part of our business, and our reputation could be damaged if there were to be a breach, we like to have that partnership and level of knowledge that we can rely on.

What impact has the results from working with us had on your clients/stakeholders? I know if we were to suffer a data breach, we wouldn’t worry as much, I feel like we now have the resources in Evalian to support us successfully through it and with minimum impact. So that is invaluable.

Anything to add? I always like to ensure our employees are happy and can work from anywhere, that’s really important to us, I get the impression that Evalian adopts a similar ethos to us which makes me really happy to be working in partnership.

Ravi is fantastic, he makes us feel at ease and not worried about any new policies, we know if Ravi hasn’t picked something up in a document, no one will, I feel like he cares and wants our compliance to be perfect. It’s refreshing to get on a call with someone and for them to genuinely seem to care about us as individuals, and our business.