meet the team

nigel gooding team


Chief Data Protection Officer

The Data Privacy Advisory Service was started by Nigel Gooding in March 2017. Nigel has worked in many different private, and public sector organisations as a consultant, specialising in data protection for the majority of his career. The company was grown out of his passion to protect data and his pragmatic view around how to do this. 

With the introduction of the GDPR we have grown significantly over the past three years from a team of 1 to 10 employees, with many associates working at one time on various projects. We have made long standing partnerships with other companies in our field. We pride ourselves on our personable and cost-effective service.

melaine garnett



Melanie is the head of our operations, finance and HR departments, also acting as our Business Manager whilst leading the sales team and completing our bid writing.

Aside from Melanie’s operational experience, she is a talented project manager, and has led GDPR projects for an international retailer, an ambulance service and a global recruitment agency. She is able to manage senior stakeholder relationships with ease due to her professionalism and excellent manner.

sandy may


Head of Data Protection Consultancy

As our Head of Data Protection Consultancy, Sandy brings valuable knowledge and experience to DPAS, having specialised in data protection since 2011.

Sandy has a hands-on approach in leading our clients to comply with the GDPR and data protection laws. She works with other members of our team to introduce data protection principles and operating practices across multiple organisations.

As a qualified lawyer and data protection practitioner, Sandy has worked with a wide range of clients, from small private organisations to large public authorities, advising them on a variety of data protection matters, from straight forward subject access requests to comprehensive and complex audits.

natalie bennet meet the team



Natalie is an Exeter University graduate, with a background in teaching Mathematics at GCSE & A-Level. After switching careers from education to Data Privacy, Natalie made use of her exceptional organisation skills, and eye for detail assisting the Operations Director in the day-to-day running of DPAS.

Natalie also helps to deliver some of our accredited training courses, using her teaching background to offer a practical approach and ensure consistent outcomes.

andy ledger meet the team



Andy leads our Business Development within the public sector, specialising in GDPR change management, GDPR project management and providing GDPR services to local authorities and their partners. He also assists with bid writing for DPAS.

sarah wilson


Senior business analyst

Sarah has worked with DPAS as an Associate Senior Business Analyst since 2018, working with key clients to deliver high quality information assets. Sarah has over 15 years experience working as a Senior Business Analyst across both Public and Private Sector Organisations.

Alongside Nigel, Sarah leads the Information and Cyber Security division of DPAS, working with a variety of clients to protect their information and minimise data risks.

helen gooding team


Data Privacy Officer

Helen started off leading our SAR processing services, working with our clients to ensure they understand their redaction processes and have an internal SAR policy. She also liaises with clients and completes redactions that have been outsourced to us.

Alongside this, Helen assists Melanie and the rest of the team with the general day-to-day running of DPAS.


mark roebuck


GDPR Consultant

Mark works closely with DPAS assisting onsite with GDPR projects and training.

Mark is a MBA-qualified Business Consultant with a successful background in managing the impacts of change on organisation design and the target operating model. He has a vast amount of experience with regulatory impacts, divestments and mergers and has worked in B2B, financial services, banking, consulting, commercial, international and FTSE-100 corporate sectors.

laura devriest

Laura de Vries

Sr. Privacy Consultant

Laura has been working together with DPAS as a Sr. Privacy Consultant and is employed by our partner in the Netherlands, Cuccibu.Laura is CIPP/e, CIPM and CIPT certified, as well as holding a LLM in International and European Law and a MA in International Relations. Additionally Laura is in possession of a NIMA-A marketing certificate. 

​Laura has extensive experience as a paralegal and as a consultant working as a Data Protection Officer, Privacy Officer and (GDPR implementation) project lead for various organisation in diverse industries. Recently Laura collaborated with DPAS on the development of an overarching P&O data strategy for a large pharmaceutical company, focussing on data compliance, culture and value. Laura combines her work experience with excellent communication, research and presentation skills.

stephen warrington team



As the CEO of Warringtons, Stephen offers Business Consulting services to organisations in the Membership, Publishing and Legal sectors focusing on business change and big data initiatives. 

By enabling the change of business systems and internal processes, as well as leveraging existing organisational data, Stephen solves his clients’ toughest challenges. This empowers his clients to deliver value more effectively and drive competitive advantage within their sector.



Ralph joins the DPAS team as one of our leading consultants, focusing on audits and training. After two decades of work at the forefront of the privacy sector, Ralph has built his career around making the intricacies of Privacy & Security risk management understandable.

He enjoys passing on his passion for privacy by translating often complicated legal concepts, into sustainable business processes. Ralph uses his knowledge of data protection laws and information governance standards to help businesses develop and grow, engage their stakeholders, and to deliver real value to  his clients.

Ralph delivers our ISO 27001 and ISO 27701 training and our IAPP training.



Barry is one of our training consultants. He has years of experience in the field and offers bespoke and off the shelf courses focusing on Information Governance within the Health and Social Care field.

Barry won the ICOs Practitioner Award for Excellence in Data Protection Award 2020. He is a Chair for the Eastern Region IG Forum.

Barry has had a number of successes during his career. He formed the first national Strategic Information Governance Network Group, he supported the development of the former NHS Information Governance Toolkit and developed a national career path in the NHS for those working in data protection.

Barry delivers our health focused GDPR training, SIRO and Caldicott Guardian courses.