About Us

Mandy Webster is a lawyer with an in-house career spanning 15 years as a company secretary, compliance officer and business lawyer. She has been helping her clients with data protection and e-commerce issues since 1999.

Mandy is author of “Effective Data Protection” and the ICSA “Data Protection Troubleshooter” published by ICSA Publishing Limited and “Data Protection for the HR Manager” and “Data Protection in the Financial Services Industry” published by Gower. Mandy is a well-known writer, commentator and speaker on data protection.

We offer data protection audit, advice and training to a range of clients from all sectors including financial services, the property sector, professional institutes, recruitment consultants, schools, manufacturing and the retail sector.

“Data protection is my specialisation and my passion.

It’s all I do. I specialise to bring you the best possible service.”


Please leave your details below to find out more about our advice services.

Alternatively call us on 01283 516 983 or mobile 0753 850 1056.

Mandy Webster Signature

Mandy Webster

Data protection auditor and trainer

image of mandy Webster - Lawyer and Data Protection / GDPR expert consultant
Waves representing Managed waves of GDPR Data ready for toolkits and DPO Support Packages & Templates to download or buy

Let’s Talk

If you would like information about how we can help, then please get in touch.

Thoughts. Insights. Perceptions

Risk not size is the frame of reference for data protection.

“Big companies may have uncomplicated data processing activities, small companies can have extremely complex data process maps, especially “virtual” companies.  We measure the data protection compliance input based on the risk presented by data processing activities not the size of the organisation.”

Compliance with the data protection principles is the current risk.

“Although the ICO is committed to introducing GDPR provisions gently initially, that will not extend to compliance with the principles that have been law for decades. Failure to comply with the principles could also now attract large fines under GDPR.”

The answer is never

“With data protection it is often not that you can’t do something, but more that you have to do it in a certain way.”