| Services | Support frequency per band |
| Creation of a data protection programme of work or review of your current data protection programme of work to ensure it covers key elements of the accountability principle. | Annually | Annually | Annually | Annually |
| Review of your record of data processing activities and advice on any gaps or any areas where clarification is required. | Annually | Annually | Annually | Annually |
| Review of all required data protection policies. | Annually | Annually | Annually | Annually |
| Review and update of your privacy notices (customer, employee and recruitment). | Annually | Annually | Annually | Annually |
| Review of a sample of correspondence from and to data subjects to ensure that data protection issues are being identified and dealt with effectively. | Annually | Annually | Annually | Annually |
| Conducting a DPO RAG onboarding report on all areas of data protection compliance. | Annually | Annually | Annually | Annually |
| Provision of face-to-face or virtual training sessions on a specific GDPR topic (a maximum of two hours per session). | Annually | Bi-annually | Bi-annually | Bi-annually |
| Preparation of a GDPR risk dashboard with key compliance indicators such as number of data breaches, DSARs, DPIAs and training. | Quarterly – 1 hour | Monthly | Monthly | Monthly |
| Regular DPO call/meeting to run through the DPO POW, action tracker of current data issues DPIAs and LIAs, DSRs, data incidents and ad hoc queries. | Quarterly – 1 hour | Monthly – 1 hour | Bi-weekly – 1 hour | Weekly – 1 hour |
| Ad-hoc support to include data breach support, DPIA reviews, LIA reviews, article 28 compliance reviews. | Not included | Monthly – 2 hours | Monthly – 8 hours | Monthly – 19 hours |
