Services & Pricing

Service packages designed to meet you where you are in your compliance journey. Each can be engaged independently or combined for end-to-end readiness support. See our methodology for how the readiness process works.

GDPR Readiness Sprint

2–4 weeks

Estimated range: $8,000–$25,000

Market-informed estimate — actual pricing depends on scope and complexity.

Deliverables

  • Record of Processing Activities (ROPA) draft with all Art. 30(1) fields
  • Lawful basis mapping for all identified processing activities
  • Data flow inventory covering internal systems, processors, and international transfers
  • Transfer mechanism assessment for all cross-border data flows
  • DPO necessity evaluation under Art. 37 criteria
  • Gap analysis against all GDPR chapters with risk-ranked findings
  • Remediation roadmap with prioritized action items and effort estimates

GDPR Remediation Program

4–12 weeks

Estimated range: $15,000–$60,000

Market-informed estimate — actual pricing depends on scope and complexity.

Deliverables

  • Privacy notice updates compliant with Art. 13 and Art. 14 transparency requirements
  • Data subject request (DSR) workflow implementation with identity verification and response tracking
  • Consent management platform deployment with granular purpose controls
  • Processor agreement templates incorporating all Art. 28(3) mandatory provisions
  • DPIA process and templates aligned with Art. 35 requirements and EDPB guidelines
  • Breach response playbook with 72-hour notification procedures and decision trees

GDPR Audit & Inquiry Support

During assessment

Estimated range: $5,000–$20,000

Market-informed estimate — actual pricing depends on scope and complexity.

Deliverables

  • Supervisory authority (DPA) inquiry response coordination and drafting
  • Evidence package assembly aligned with DPA request specifics
  • ROPA validation and completeness review
  • Processor audit support including on-site and remote assessment coordination

GDPR Continuous Compliance

Ongoing (monthly)

Estimated range: $3,000–$10,000/mo

Market-informed estimate — actual pricing depends on scope and complexity.

Deliverables

  • Quarterly ROPA refresh incorporating new processing activities and changes
  • DSR SLA monitoring with response time tracking and escalation alerts
  • Regulatory update tracking covering EDPB guidance, member state law changes, and enforcement trends
  • Annual DPIA reviews for all ongoing high-risk processing activities
  • Processor re-assessment and agreement renewal coordination

Who Does What: RACI Matrix

A clear engagement model ensures that responsibilities are understood from day one. The matrix below shows who is Responsible (R), Accountable (A), Consulted (C), and Informed (I) for each workstream.

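| Workstream | Founder / CEO | CTO / VP Eng | Security / Compliance | Ops / COO | HR | Eng / SRE | Reviewer |
|---|---|---|---|---|---|---|---|
| Approve scope and goals | A | C | R | C | I | I | I |
| Control design and mapping | I | A | R | C | C | R | C |
| Policy adoption | A | C | R | R | C | I | I |
| Evidence collection | I | A | R | C | C | R | I |
| Vendor management evidence | I | C | R | A | I | I | I |
| Review coordination | I | C | A/R | C | C | C | R |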