Privacy by design
assured by expertise

Our focus

We create & support business transformation in five areas

We help companies utilize both internal and externally available data in ways that produce new insights into their businesses, their customers and their competitors. This enables well-informed business decisions related to strategy, marketing, risk and product development. We advise on the underpinning technology, organization, processes, business intelligence systems and data science techniques. We focus on getting the right mix of quick-win agile analytics and longer term investments in data science and big data projects. We work with CMOs, CIOs and CROs to weave privacy into data science & create privacy metrics that are both compliance-predictive and capable of driving behaviours.


Our understanding of Privacy by Design & Privacy Enhancing Technology aligns with regulatory expectations of the present and future. We understand how to incorporate GDPR compliance into complex landscapes and leverage / control Cloud. We hold a disruptive view on the monetization potential of cryptography in light of evolving customer sentiment.

Contact Centers

Our experience of converting customer contact into actionable privacy insights and rights servicing architecture has been deployed in massive scale environments, and has regularly exceeded regulatory expectations.


We have a track record of training and co-resourcing internal audit engagements to deliver test strategies at the genuine quality threshold demanded by the GDPR. Our privacy impact assessment experience spans design, execution and portfolio management. Our GDPR Obligation Register is a unique offering from which we drive baseline assessments of compliance architectures.

Legal & HR

Our BCR filing & implementation experience spans all EU member states regulators, & global operations of regulated & unregulated world class organizations. Our inter-firm / SLA experience supports both tax structures and group data sharing strategies. We create superbly efficient and effective governance structures in even elongated subcontracting chains serving complex business processes. We aim to create legal certainty by generating transparency, control and optimized escalation paths. We fundamentally believe that understanding & acting upon privacy generates a purpose in key employees, that unlocks innovation and drives retention & hiring goals.

About Us

Observe Implement Protect
We are Specialists in Corporate Data and Privacy Protection

We are a risk management boutique specialized in privacy and data protection.

We vision & deliver business transformation, cutting edge compliance, risk assurance & data value enablement services.

Our long-standing regulatory relationships, across the EU, are built upon mutual respect & leverage best in class breach identification capability.

  • Data

    monetize & comply

  • Technology

    assure & enable

  • Contact Center

    insights & incidents

  • Compliance

    efficiency & effectiveness

  • Legal & HR

    create certainty

Our Team

Steve Kenny
Steve has over 15 years experience of privacy at the regulatory, in-house, research and consulting coalface. He is passionate about the transformative power of privacy to energize customer engagement, effect stepchange in market value, and to enhance the corporate contribution to society.
Dr. David Stephenson
Dr. Stephenson helps companies develop their business analytics and data science capabilities within the context of current and emergent privacy regualtion. He was previously Head of Global Business Analytics for the eBay Classifieds Group and prior to that worked in financial risk management. He received his Ph.D. from Cornell University and has served on the faculty of the University of Pennsylvania.
Geoff Smith
Geoff has many years experience as a specialist data protection and information risk expert. He has provided data protection compliance advice and led the implementation of privacy programmes for a variety of organisations including large global and UK financial services, transport and logistics businesses, both digital and telemarketing, local authorities and public health sector. He has particular expertise in introducing policy and governance frameworks, privacy impact assessments, compliance monitoring, information assurance audits, data quality and records management systems, data protection training and ISO 27001 certification. Geoff has an MSc in Information and Records Management and is CIPP/E accredited.
Ewa Goralska-Kelly
Ewa is a, 15 year, data protection professional. After 6 years in the Polish Data Protection Authority, she has fulfilled DPO roles for 2 of Poland’s largest financial services businesses. She has particular expertise in building systems for protection of personal data and in monitoring, how they work, as well as resolving specific problems related to personal data protection. Ewa’s most recent assignments have related to the implementation of the new European General Protection Regulation.

Latest News

What's going on at Assured Privacy?

Get in touch

Ask a question or tell us what you think.