About GRCI Law

As a GDPR.co.uk customer, you are part of the GRC International Group family, a leading global provider of cyber risk and privacy management solutions, with a special focus on cyber resilience, data protection, the PCI DSS (Payment Card Industry Data Security Standard), ISO 27001 and cyber security.

How GRCI Law is different

As part of GRC International Group, GRCI Law and GDPR.co.uk provide schools and organisations with privacy and legal expertise.

The group is made up of the following businesses

• GRCI Law – a legal, risk and compliance consultancy firm specialising in data privacy.
• IT Governance – face-to-face and online training and consultancy services, and Cyber Essentials certification and support.
• GRC eLearning – e-learning and self-paced learning solutions.
• IT Governance Publishing – print and audio books and document toolkits.
• Vigilant Software – delivering compliance software.

GRCI Law is a subsidiary of GRC International Group PLC.

GRCI Law is a legal, risk and compliance consultancy firm, advising clients in the fields of data protection, data privacy, and cyber security and information security law. We are at the forefront of developments in this constantly evolving, challenging and complex field.

Led by our team of experienced DPOs (data protection officers), lawyers, barristers, and information and cyber security experts, we provide DPO, breach, data privacy management and data subject access request support, and associated non-reserved legal services. The GRCI Law team speaks several languages, including Spanish, French, German, Italian, Greek and Afrikaans.

Want to know more? Download our brochure

Download our brochure to find out about the services we offer our clients >>

All the GDPR support you need

• Clients often struggle to manage their GDPR compliance programmes. Our Data Privacy Manager Service can help.
• Reviewing contracts to ensure they are aligned with the law is a challenge for anyone without a legal background. Our Legal & Contracts Service can help.
• The GDPR has created a huge demand for appropriately experienced and knowledgeable DPOs that far outstrips supply. Our DPO as a Service (DPOaaS) can help.
• When data breaches occur, time is of the essence. To meet the GDPR’s 72-hour personal data breach reporting requirement, you need to respond appropriately and effectively. Our GDPR Breach Support Service can help.

GRCI Law has the required knowledge and experience to help in these situations. We are qualified lawyers, and cyber security, information security and data protection practitioners with years of experience.

Because we aren’t a traditional law firm, we don’t have to deal with the additional red tape and regulation that they do, so we can help you faster and at a better price.

Although we are part of GRC International Group, GRCI Law is a wholly independent company with its own management structure and staff. This means we can provide our services entirely independently of our other group companies.

The benefit is that any remediation work we recommend can be carried out by IT Governance consultants without fear of any conflict of interest arising. We are able to independently review that work and conduct an internal audit to provide independent assurance that a client’s risk management, governance and internal control processes are operating effectively.