About Us

data protection 4 business

Data Protection 4 Business supports your organisation with compliance in the 2018 EU General Data Protection Regulations through our data protection consultancy services.



We take a hands-on approach to ensure your business meets GDPR and the UK Data Protection Act 2018 through effective operational and data management processes.


On your side

We believe that small and medium-sized businesses carry an unfair burden to comply with data protection regulations and effective data management. We provide affordable consultancy and online training which enable you to meet these responsibilities.


Pragmatic simplicity

Data protection regulations can be confusing. There is the GDPR jargon.  There are myths.  These can be unhelpful and confusing.  We provide a service based on years of experience in the implementation of change and regulations into a wide range of organisations. So you get simple, clear and streamlined solutions based on the needs of your business.


We do the legwork

You need to be kept up to date with the latest guidance from the data regulators. We make sure we’re at the forefront of the data protection community keeping abreast of developments so that you don’t have to.



You’re not alone in this. Many of our clients share similar data protection issues so we work with the wider data protection community to pool our knowledge and provide you with the best service.


Online, Onsite, Outsourced

Our consultancy services are designed to meet your needs based on your business needs and the data risks applicable to your business. We deliver our consultancy and training services online, onsite or through outsourced Data Protection Officers and EU Representatives..

  • Training – We offer both online and onsite training courses, depending on your needs.
  • Assessment – We take the time to assess your operations so that work can be prioritised according to your business needs and agreed goals for compliance.
  • Deliver – We guide you through all the changes in easy steps keeping you updated with progress at all times. We keep everything on track with regular meetings, hands-on assistance, and updated task lists.


Our clients are small and medium-sized businesses. We specialise in SME organisations such as start-up technology companies, schools, medical practices and sports clubs who need a simple, effective approach to data protection.


Our goal is to keep data protection compliance simple, using our SMART approach. This means your compliance is measurable and you reduce your risks.


Our aim is to take the strain of ongoing compliance – providing you with guidance and support when you need it.



We do the legwork.  So you don’t have to.

Everything you need.  Nothing you don’t.



Be Data Smart. Be GDPR Compliant. Data Protection is here to stay

Karen Heaton

Karen founded Data Protection 4 Business to provide hands-on  implementation services and training to help SME’s become and maintain compliance with the new EU General Data Protection Regulations and UK Data Protection Act, which came into force in May 2018.


With a background in Financial Services and Technology, Karen has over 20 years of business, change management and systems implementation experience in the UK, Europe, Australasia and the Caribbean.


Karen has been responsible for managing multi £m change and regulatory projects embedding new technology, data and operational processess into a variety of Banks, Wealth Managers and SME’s.


Awarded a Distinction in her MBA, Karen is a Certified Information Privacy Professional Europe (CIPP/E) and Certified Information Privacy Manager (CIPM).  In addition, she holds practitioner certifications in: Programme Management (MSP);  Project Management (PMP & Prince2).  Karen is also a Fellow of the Chartered Management Institute and has published a study on software projects.