A step-by-step roadmap to GDPR that also builds the structure your business needs to grow.
Built by a small business that understands the realities of running one. Limited resources and inconsistent cash flow are exactly why we created GDPR StepWise.
You are growing, but growth is exposing the gaps. Bigger clients are asking questions you cannot answer. You need a structured programme that builds your compliance infrastructure step by step.
You can’t confidently list what personal data you hold, where it’s stored, who can access it, or who it’s shared with.
You maintain a simple “data map” (record of processing): what data you use, why, where it is, who you share it with, and how long you keep it.
Teams use data because “we need it,” but you can’t clearly explain the legal reason. Privacy notices are vague or out of date.
Each activity has a written reason (lawful basis) and it’s explained in plain language in your privacy notice, as the ICO expects for transparency.
A “send me my data” request turns into a manual hunt across tools and inboxes. Deadlines feel risky.
You have a clear workflow and can respond within the required timeframe (generally within one month), with a consistent way to verify identity and track progress.
Security/privacy questionnaires stall deals because you don’t have proof - just best-effort answers.
You respond with evidence (documentation and repeatable controls). Cisco found 98% say privacy certifications matter in purchasing decisions.
New software gets adopted fast. Personal data spreads into tools with unclear ownership, contracts, or controls.
Every tool goes through a short privacy check. The ICO highlights contracts, documentation, and security as core governance measures.
Privacy tasks live in people’s heads. As headcount grows, mistakes and delays grow with it.
Privacy becomes a repeatable way of working. Cisco links privacy investment to operational efficiency (78%) and reduced sales delays (73%).
GDPR StepWise™ isn't just about passing an audit. It’s about building a structured documentation moat around your business without the cost of a full-time compliance team.
Not a lawyer. Not a folder of generic templates.
A structured ops programme for your data.
Register of processing, privacy notices, staff training records, breach response plans, and supplier contracts.
Pass client legal reviews and answer due diligence questionnaires in hours, not weeks. Evidence your business runs to a standard.
Stop stalling deals at the legal review stage. Win bigger enterprise contracts by proving your data maturity instantly.
"Most compliance programmes leave you with a folder of documents. GDPR StepWise™ leaves you with a business that scales without the chaos."
GDPR StepWise™ builds both your compliance documentation and your internal operational structure simultaneously.
A structured programme designed to be built in sequence. Buy the full programme for maximum speed, or purchase steps individually as you grow.
Buy one step or all ten. Pay as you go or in one go. Every tier delivers the same documented, ICO-aligned output. The difference is how much of the heavy lifting you do yourself.
Done by you
Best for: founders who want full control and have the capacity to work through each step independently.
Done with you
Best for: teams who want expert input at each step without outsourcing the whole programme.
Done for you
Best for: businesses that lack the time to be involved, with active due diligence requirements or contract timelines.
"A free 30-minute call. I'll tell you honestly what your business needs, which tier makes sense, and whether you even need the full programme. No pitch, no pressure. If StepWise is not the right fit, I'll tell you that too."
Book a Free Audit CallTakes 30 minutes. You will leave with a clear picture of where you stand.
The best people to work with and the best choice if you want to be sure that your business remains compliant with the ever-changing law.
I was drowning in paperwork before StepWise. Now my team has a clear schedule and I finally have the data map our biggest clients were asking for.
Tiago and the StepWise programme took the stress out of our vendor audits. We are now fully documented and ready for any security questionnaire.
Tiago Lourenco is a PMP-certified project manager based in London. He designed GDPR StepWise™ to help fast-growing businesses close operational gaps and build a documentation moat that scales with them.