Data privacy services

Data privacy services

There has been an unprecedented shift on data privacy regimes across all industries especially with the advent of the GDPR. The regulation brought into play some of the most transformative regulations that has seen many institutions redefine their business models in line with management of personal data.

We believe that our suite of products and services will help you establish a trust-centric ecosystem with a strong privacy regime which will certainly help you overcome privacy challenges. Whether your requirements is all about your maturity in line with compliance to a privacy regulation, or understanding your risk exposure in line with the trending risks on data privacy, or you want to provide your stakeholders that assurance on the safety of their personal data or re-engineer your privacy governance to show trust, we are your best option and can tailor any of our offerings below to suite your needs:

Privacy Assessment offerings

Data privacy maturity assessment: This entails performing current state assessment and gap analysis to determine the capability of the existing data privacy program in the protection of personal data and data subjects.

Data Protection Impact Assessment: This service entails reviewing the privacy program by evaluating the design, implementations and operating effectiveness of the various controls, governance, processes, and technology to assess the risk of harm to data subjects through misuse of their personal information

Data Governance: We perform enterprise-wide data discovery, traceability, data lineage, data flow maps, data processing registers and quality governance

Privacy documents reviews: We perform review of contracts, agreements, Binding Corporate Rules (BCRs), Terms of references (TOR), Policies, Notification templates etc. to ensure that provisions of data privacy are articulated in a comprehensive and appropriate manner. This is done especially for scenarios that involves third parties and partners, on mergers and acquisitions and on customer onboarding.

Privacy Assurance and transformation offering

Privacy audit services: This service entails providing assurance on your preparedness for privacy and data localization audits, and developing assessment framework on privacy risk for your internal audit and enterprise risk management

Advocacy assurance: This service entails providing representation to the data commissioner to help you get your licenses and approvals

Privacy strategy advisory services: We help build tactical/short term and long-term strategies on data privacy to enhance the eminence of your data privacy program with both the regulators and your stakeholders. This involves developing evaluation matrix for reporting performance of the program at any given time. It also entails developing global data transfer strategies and data retention strategies.

Privacy Operations offerings

Training and awareness: We offer customizable privacy awareness and Information Security trainings through online, classroom and bespoke setups in a way that is convenient, comprehensive, and interactive ways. The trainings are offered by our fully qualified resources in the respective areas of expertise.

Privacy enhancing security services: We help with the implementation of data protection security measures including tokenization, anonymization, pseudonymization, identity and access management for personal data, Source code review and development monitoring.

Policies, procedures, and standards reviews: We not only review your privacy policies, procedures, and standards, we also enhance them to ensure they are consistent to the needs of the privacy obligations and data privacy transformation.

Legal advisory and support offerings

Legal reviews services: We will help with the development of the privacy statements for your products, websites, and other platforms. We also develop privacy policies where it is non-existent, enhance the current ones to be more comprehensive and develop and enhance your terms of references

We review contracts and agreements to ensure they adhere to the obligations defined in the privacy regulations.

We also develop the Binding Corporate Rules (BCR) to make privacy compliance easier for companies with multiple subsidiaries for easier exchange of information.

Managed Data Privacy offerings

We offer DPO-as-a-Service by leveraging our technical, governance and legal expertise and resources. This entails providing the following services:

  • Conducting quarterly privacy audits
  • Development and maintenance of the privacy plan
  • Performing data protection impact assessments on new sets of data deemed personal.
  • Being the Liaison between you and the supervisory authorities
  • Responding to a data breach
  • Responding to data subject access requests
  • Reviewing and maintaining privacy documentation every quarterly
  • Providing advisories on all clients’ privacy and data protection obligations.
  • Training and awareness of internal staff, Board of directors, clients, third parties and connected partners.

Privacy by design services: We can provide you with support to implement privacy aspects in your product and services development.

Data privacy Compliance prospectus



Nash Consult LLC
Färögatan , 164 51 Kista
Stockholm, Sweden.
Tel: +46 (0) 76 248 77 14

Marsabit Plaza, Ngong Road
Nairobi, Kenya.
Tel: +254 (0) 102 928 094