Gold Package

For fast growing organisations

Vast amounts of personal data flows through all organisations every day. Data received, data processed, data stored, and data archived.

Our gold package is designed to protect you as your organisation scales up and as compliance requirements change. It’s ideal for ambitious SME businesses and organisations with up to 10 staff.

You’ll receive all the data protection services included in our silver package.  In addition, your gold package protects international data transfers, document and data retention processes, and personal data processed by external 3rd party partners.

This package is designed to minimise risk as you grow, keeping you safe and legal, whilst removing any concerns you may have.

Our Gold package costs £995 + VAT

Here's what you get

All the benefits of the silver package, plus...

Working from Home – Working from home means freedom and greater flexibility – and new challenges. Remote or flexible working means that information is being transferred even more widely than before and it’s easy to see the implications this may have for personal data security and for practices surrounding commercially sensitive data. 

CSRB has developed expert guidance to help you remain compliant, wherever you are working.

International Data Transfers – Transfers of personal data to or from other countries (including European countries), carry a high level of risk to the organisation, if the appropriate safeguards are not adhered to.

CSRB will advise on your responsibilities and recommend the appropriate actions if you are a UK based business or organisation subject to the UK GDPR.


Data Processing Agreements – Every organisation which collects or handles personal data has a responsibility to the individual to protect their personal information if it is processed by external suppliers such as accountants, IT support providers or solicitors. 

To do this, you need to make sure that all third parties have data processing agreements with you. CSRB draws up these data processing agreements on your behalf.

Retention & Disposal Schedule – Each organisation is required under UK General Data Protection Regulations (UK GDPR) to have an appropriate retention schedule outlining storage retention periods for all personal data collected. This needs to be reviewed annually. In addition, methods of destruction of the data, should be detailed in the same schedule. CSRB compiles and reviews this schedule with you.