Designed to enhance regulator-readiness, compliance and reduce risk while preserving the value of enterprise and personal data.

It is our mission to provide our clients with thoughtful legal and compliance services. Leading through innovation, automation where possible and streamlining traditionally cumbersome processes while never compromising on value and the customer experience.

At the heart of many DATA PRIVACY frameworks are common principles that are generally accepted such as collection limitation, fairness and transparency, purpose limitation, proportionality, the legitimacy of data processing, limited retention period, keeping data secure, and ensuring data is accurate and up-to-date.

Our data privacy team has expertise with privacy policies, processes and technology and can design, build, run, monitor, and enhance our clients’ data privacy risk management capabilities, delivering custom solutions no matter the company’s data environment or risk profile. From small engagements around specific regulations to ongoing managed services, we help each organisation better define, implement and operationalise data privacy programs.


Privacy Compliance Outsourcing

The privacy function of your organisation is key to any risk program. By outsourcing this function you save on costs while being serviced by qualified and experienced data privacy lawyers and risk professionals. We stand apart in that, together with our CYBER SECURITY division, are able to automate a large portion of the privacy function, enabling long-term compliance without key-man or key-supplier risks.

Data Incident Management

Determination of the extent of a data incident. Was it a data breach? Does it need to be reported to the regulators? Do we need to notify the data subjects and by when? These are the questions we assist with when something unexpected happens to data in your control.

Policy Drafting, Implementation & Training

Policies should work with the business to make processes easier and not enable compliance at the expense of business efficiency. We draft policies which allow your organisation to comply with the right legislation, in a pragmatic and accessible manner. We believe it is not just about having the right wording but for the policy to be applicable in your unique line of work and your company culture. This may involve the implementation of systems to streamline compliance or training to enable compliance by your staff.

POPIA Compliance Certifications

We perform gap analyses on your organisation to determine whether you are in compliant with the POPIA. If you are, then we allow you to display our certification trademark indicating as such. If not, we work with you to reach full compliance.

GDPR Representative Services

Article 27 (1) of the GDPR requires that data controllers or processors not established in the European Union (EU), to which GDPR applies, shall designate a representative in the EU. As part of the Atvance Group we may be appointed to act as your GDPR representative within the EU addressing queries for the relevant regulators or data subjects.

Privacy Programme Development

The development of a privacy programme is key to any data centric organisation. It involves the identification, tracking, and management of personal data from collection to deletion, in your organisation. Our privacy programme provides value beyond legislative compliance and risk management, as together with our data analytics division we increase internal efficiency in processing personal data and enable greater value to be obtained from the data itself.

Advisory Services

We assist clients in understanding how data privacy legislation affects their organisation. Our approach is wholly client centric in determining each client’s specific market, risk profile and key concerns. We align our advice accordingly and pride ourselves on pragmatic outcomes which enable our clients to do better business.

Brendon Ambrose


SA  |  +27 (0)82 524 8211

|     +27 (0)10 786 0223

NL TEL  |  +31 20 225 4863