Help! Roundtable - Demonstrating Compliance


Dentsu Aegis Network, London


Roundtables in London for exchanging ideas on planning and managing
a GDPR compliance programme



1 - Demonstrating Compliance

30 November 2017



2 - Managing Risk


31 January 2018


Macquarie Group

3 - On the Starting Blocks

28 March 2018


Click here for the Help! flyer


This series of 3 one day roundtables for peer group exchange will focus on managing the EU General Data Protection Regulation (GDPR) compliance process.

Regulators and policy makers will not be invited to these roundtables.

Whatever happens with Brexit, your organisation will continue to trade with some of the 30 countries in the European Economic Area and you need to ensure that your organisation is complying with the GDPR.

The emphasis will be on sharing experience to help you organise and manage the process rather than giving legal advice on the impact of the GDPR.

The roundtables will be hosted by companies and take place in London in November 2017 and January and March 2018. Hosts will report on progress in their organisations. In addition, you should expect to discuss your plans with the group. Everyone learns and benefits from this participatory process.


Each Roundtable will be limited to 25 people to facilitate discussion in a relaxed atmosphere. Lunch is included at each Roundtable, ideal for networking.


A summary will be prepared after each session by Privacy Laws & Business on a non-attributable basis for distribution to the group.

The programmes for each roundtable are below, and in the flyer above, but everyone who registers will be able to suggest amendments within the scope of each session to help ensure that the programme is closely aligned with your needs.

Please feel welcomed to e-mail with

a) your offer to share your experience of what you are doing, or planning to do, on one or more of the points in the programme, and

b) your suggestions for amending the programme.



The fee will be £300 + VAT per session with the option of signing up for all three sessions for £750 + VAT. Different people from your organisation may attend different sessions.

To register, e-mail K'an Thomas, General Manager, Privacy Laws & Business, at  

An invoice will be sent to everyone who registers. You will need to pay in advance to attend these sessions.

Each session qualifies for 6 CPD hours. Every Privacy Laws & Business event qualifies for accredited CPD hours for the purposes of the England and Wales Solicitors Regulation Authority’s requirements. Please quote AQJ/PLBU when applying for the points with the SRA.

Please note: we will be taking photos at the Roundtables and you may be included.  



Roundtable 1 - Demonstrating Compliance - CLOSED

Date: 30 November 2017, 09.00h.-17.30h.

Host:  Mark Keddie, Global Data Protection Officer, Dentsu Aegis Network, UK

Location: Dentsu Aegis Network office near Euston Station, London


  1. Update on the Data Protection Bill relevant to GDPR implementation
  2. Deciding on your priorities
  3. Defining and securing adequate resources
  4. Revising privacy and information notices for clients and employees, including preparing for new consent requirements
  5. Preparing breach notification procedures
  6. Preparing for data portability
  7. Preparing documentation to demonstrate compliance/accountability to top management and the ICO


Help! Roundtable 1 Photo Gallery


Roundtable 2 - Managing Risk - CLOSED

Date: 31 January 2018, 09.00h.-17.30h.

Host:  Olga Ganopolsky, General Counsel, Privacy and Data, Macquarie Group, Australia

Location: Macquarie Group office near Moorgate Station, London


  1. Update on the Data Protection Bill/Act relevant to GDPR implementation
  2. Negotiating data processing contracts with third parties in the light of the GDPR requirements
  3. Conducting Data Protection Impact Assessments
  4. Data Protection by Design and Default
  5. Keeping records of processing


Help! Roundtable 2 Photo Gallery


Roundtable 3 - On the Starting Blocks

Date: 28 March 2018, 09.00h.-17.30h.

Host:  Andrew Southam, General Counsel, KrolLDiscovery, UK 

Location: KrolLDiscovery near City Thameslink Station, London


  1. Do you really know where all your personal data is located?
  2. When to use legitimate interests as a basis for processing
  3. Designing and timetabling communications strategies
  4. Designing and timetabling training programmes: What? to whom? and when?
  5. Other?