Product FAQs

Prighter UK Lock

What services are included in the UK GDPR representation?

You are getting a legal representative plus an additional data privacy certificate and a data privacy management tool:

UK Representative:

By appointing PrighterUK-Rep as your representative, you have a highly professional team of privacy professionals at your side to deal with requests from data subjects and the ICO. When it comes to requests from the ICO we cover all the standard procedures such as requests to submit records of processing activities.

Privacy Certificate:

We provide you with your own branded privacy landing page containing your privacy and IT security certificates and your privacy policy. This is your window into the world of privacy-related matters and it will help you to increase customer trust and confidence by demonstrating your privacy regulation readiness. The privacy landing page also serves to verify your appointment of Prighter as your representative according to Article 27 UK GDPR, and serves as an access point for privacy related requests.

Privacy Management:

For any data subject requests (DSRs) from existing or potential clients we have built a tool to manage the lifecycle of such privacy requests. This saves you time, internal resources, and money, and reduces your compliance risk substantially. When it comes to supervising authorities, we cover all of their standard requests (e.g. requests to submit records of processing activities).

Are there any hidden costs?

No, our service is offered as a flat fee and we do not charge per request from data subjects. Individual legal services and add-on services are available upon request.

How many of our entities are covered with the subscriptions?

This depends on the plan you choose. With the Startup and Micro plans 1 entity will be covered, 2 entities will be covered with the Small, 5 with the Medium, and unlimited entities will be covered with our Large subscription plan.

Do you simply forward the requests from the data subjects and data protection authorities, or is there an actual handling of such requests?

We have built the Data Subject Request (DSR) management tool to channel, structure and filter all incoming privacy requests and handle requests from millions of data subjects. We cover all aspects of the formal handling of DSRs including the communication with data subjects. What needs to be done in your data base (e.g. delete a data subject), is always your own decision. The DSR tool is designed to manage the lifecycle of a data subject request to get all formal aspects right.

How responsive is your customer service?

Our team responds to any incoming requests within one business day.

Who is the team, their qualifications and experience?

Please visit the “About Us” section of our website for more information on our team.

How many offices do you have and where are they located?

We have proprietary and partner offices all over Europe, especially in Germany, France, Spain, Italy, Ireland, Belgium, Poland, Bulgaria, Austria and the UK to mention only some of them.

Does the contract with Prighter terminate automatically in case of a data breach?

No, we've got you covered as your representative. If you need assistance with handling the data breach, our data breach notification services are available as an add-on service.

Does Prighter provide support regarding data breaches?

Yes, we developed PrighterBreach to support you in handling data breaches. We take care of the risk assessment, the drafting of the notification and the handling of the process with the supervisory authority, if necessary. Should the high risk require a notification of data subjects we draft the text and provide a secure system for the information. Data breach notification services are available as add-on services.

How secure is Prighter?

We operate in a data center certified in the international standard ISO/IEC 27001:2013. By achieving compliance with this globally recognized information security controls framework, audited by a third-party, our data center has demonstrated a commitment to protecting sensitive customer and company information. That commitment doesn’t end with a compliance framework, but is a necessary baseline for security. Our systems are continuously monitored and updated. Communications with our web server is encrypted and regularly receives "A" grades from Qualys SSL Labs. Verify here. For transactional messages, we offer the option to encrypt them with your public PGP-key.

Is a compliance audit required to sign up?

We do not require any preparation on your side and you can easily sign up in a few minutes. If you do wish us to guide you through a GDPR audit process this would not be in the scope of your representation products and requires a separate mandate. As a privacy law firm, we can guide you through such services, so please contact us.

Does PrighterUK-Rep provide a Compliance Certificate for the representation?

We provide secure certificates to verify your appointment of PrighterUK-Rep as your representative according to Art 27 UK GDPR.

Do you offer NIS representation according to Art 18 NIS Directive (EU 2016/1148)?

We offer representation according to Art 18 NIS Directive (EU 2016/1148) for digital service providers (DSPs) to complete our one-stop-shop offering. Enjoy a consistent response without the need for coordination between different providers in cases of a security incident. Please contact us directly to get your quote for the service.

Does Prighter have adequate insurance to cover their liability risk?

As a law firm we are required to maintain a liability insurance due to our professional regulations.

Additional Representation Offer

BREXIT requires non-EU businesses to appoint both an EU and UK representative. Get a 20% discount on your additional representation plan until December 31st and get us to cover both economic areas!