About Us

Data Protection 4 Business is a privately owned consultancy providing affordable, practical and hands on guidance to help organisations become compliant with the new Data Protection Regulations, EU GDPR and UK Data Protection Act 2018.


We are on your side and believe there is an unfair burden on small and medium sized businesses to comply with Data Protection regulations.


We focus on providing affordable services that are flexible enough for you to choose what you need to fulfil your responsibilities under the regulations.


We are practitioners and realists with years of experience implementing change into a wide range of organisations.


We are pragmatic and uncomplicated.


We can deliver operational and regulatory changes within a minimum of fuss.


We debunk the myths and jargon to bring clarity to complex regulations.


We keep up to date with the latest news and developments in the Data Protection community through our professional memberships.


We collaborate with other Data Protection consultants sharing common problems and solutions our clients are facing.


We provide services in Data ProtectionOnline, Onsite and Outsourced:

  • Training – online and onsite training to educate staff
  • Assessment – of your operations and prioritisation of the work that what needs to be in place
  • Deliver – guide you through the changes, keep track with regular meetings,  provide hands-on assistance and task lists


Our clients are small and medium sized businesses, sports clubs and societies.


Our goal is to keep Data Protection compliance simple, using our SMART approach.


Our aim is to take the strain of ongoing compliance – providing you with guidance and support when you need it.



We do the legwork.  So you don’t have to.

Everything you need.  Nothing you don’t.



Be Data Smart. Be GDPR Compliant. Data Protection is here to stay

Karen Heaton

Karen founded Data Protection 4 Business to provide hands-on  implementation services and training to help SME’s become and maintain compliance with the new EU General Data Protection Regulations and UK Data Protection Act, which came into force in May 2018.


With a background in Financial Services and Technology, Karen has over 20 years of business, change management and systems implementation experience in the UK, Europe, Australasia and the Caribbean.


Karen has been responsible for managing multi £m change and regulatory projects embedding new technology, data and operational processess into a variety of Banks, Wealth Managers and SME’s.


Awarded a Distinction in her MBA, Karen is a Certified Information Privacy Professional Europe (CIPP/E) and Certified Information Privacy Manager (CIPM).  In addition, she holds practitioner certifications in: Programme Management (MSP);  Project Management (PMP & Prince2).  Karen is also a Fellow of the Chartered Management Institute and has published a study on software projects.