Professional help with the GDPR
is affordable and does not have to be a barrier
to your business success.


The GDPR doesn't apply to Small Businesses

This is not true for so many reasons!.

SME's make up more than 99% of businesses in the UK are SME's and 95% are less than 10 employees, so the ICO are not going to restrict thier regulatory activity to only 5% of UK businesses.

You only need to look at the ICO's Enforcement section on thier website to see that a high proportion of action is taken against SME businesses.

Our risks are low because we are a small business

Actually, the statistics show that small businesses are the highest risk!

Our research conducted with the UK's Data and Marketing Association clearly showed that small business owners do not fully understand thier obligations and have not taken the steps they need to ensure secure and controlled information processing.

The GDPR will prevent me doing business

Far from it, the GDPR can help you become a better business, or even grow your business.

It helps you put in place the control and stability in your businessa activities that make you inherently more secure.

It also builds trust with your customers because you'll be open and honest about what you do to keep information safe.

I could just copy someone elses policies, download templates or buy templates

Correct, you could, but that doesn't mean you'll be doing everything you should or can correctly.

The ICO's regulatory action here is a classic example of this. This small business used templates, relied upon a Privacy Policy written by and even had a solicitor on board to help them, yet they still failed to adequately apply those templates to thier own business. The business did not experience a data breach or information security incident as most people would consider it, but they did fail in fundamental control and ability to demonstrate accountability for their business.

We've never had a data breach, we've got nothing to worry about

It's no longer a case of "if" you have a data breach, it's "when".

Have you or a colleague never accidentally sent an email to the wrong email address or sent and email to multiple recipients that really did not need to know who else that email had been sent to?

Although most ICO activity stems from reports by members of the public or other "reports", there have also been cases raised by "ethical" hackers who've found vulnerabilities serious enough to be reported, but you don't even have to have experienced a data breach to fall foul of a regulatory investigation. The same incident mentioned above (here) did not arise out of a reported data breach, or even a customer complaint. It was a completely unrelated matter which led to the ICO's investigation.


There seems to be a common belief is that expert advice is expensive, and that simply is not true!

Cost is highly dependent upon the size and complexity of your business and it's processing, but on average, the cost to engage experts in information security and data protection is less than the cost of employing a Temp Administrator or Receptionist for 30 hours a month!

  • If you want to go down the templates and DIY route, we can advise you and help you do that for as little as £395, and we'll even give you professional templates to use!
  • Alternatively, if you want experts on hand 24x7 to work with your business and handle all this extra work for you, we can do that too for as little as £295 per month.


On your quest to find the perfect Privacy as a Service partner for your business;

  • Question Qualifications - Ask them about thier qualifications. Holding a GDPR certification is one thing, holding a certification in all Privacy and Data Protection law is something else.
  • Understanding - Be confident that your chosen advisor wants to understand you, understand your business and understand your goals to ensure the end results work for your business.
  • Experience - Look for someone with experience in business data processing as well as Data Protection, Information Security and relevant laws.
  • Savvy - Has the partner the experience to think outside the box and look for solutions and apply knowledge to solve problems, rather than dismissing your needs "because the law doesn't allow it"?
  • Trust - You need to have full trust and confidence in your chosen partner as they could be advising you in areas having direct impacts on your customer perception and business reputation.

Most of all, you'll want someone who comes highly recommended by people who have first-hand experience.

It costs nothing to talk

You have nothing to lose by taking advantage of our free initial consultation.

We'll talk to you about your own specific business needs and challenges.

We won't judge you, or pressure you and we really do want to help, so give us a call, or fill out the form here and we'll be in touch.

Call us on 01604 808951

Subscribe to our monthly eNewsletter and keep up to date with the latest business news, events and useful information.

how can xynics help?

We'll take the pain and worry out of GDPR compliance so you can focus on your business whilst reducing your risks and still getting the full benefit from your data.


We'll advise you on how GDPR and other Privacy and Data Protection laws apply within your business.


We'll help you to undertake (or conduct for you) a discovery process to ascertain what personal, confidential or business critical data your business collects, holds and and uses.


We'll help you to draft policies, procedures and document your business data flows so everyone knows what's expected.


We'll guide you on implementing new GDPR-compliant information security policies, procedures and data activities, including education and training for you and your staff.


We'll help you to draft privacy statements and consent mechanisms.


Under GDPR, the penalties for non-compliance are potentially high, up to €20 million or 4% of annual global turnover. We'll help you minimise the risk to your business and keep you compliant.


Want to know more? Let's talk.

Get In Touch