meet the team
Chief Data Protection Officer
Nigel is founder of the Data Privacy Advisory Service, and he plays a vital part in our success. Due to his extensive experience, Nigel is recognised as a leading expert in the industry.
A hugely experienced Data Protection Officer (DPO), Nigel has held a number of senior roles in private and public sector. These include a national board role with NHS Direct as Chief Operating Officer, along with a recent DPO role at South Western Ambulance NHS.
Nigel is the DPO at Macmillan Cancer support, Bristol Airport and several other organisations. He has also worked in a number of local authorities, and was DPO at Teignbridge and Watford Council.
He also has experience in working and liaising with the ICO and other EU supervisory authorities. Nigel has worked with clients in multiple jurisdictions, including those outside the EU and the GDPR adequacy arrangements. He was also the strategic Data Protection Subject Matter Expert advising the Government of Jersey in Health, Social Care and Children’s Service including Safeguarding and Education.
Nigel has also recently led the development of a Global Data Strategy with one of the largest companies in the world. This covers legislative compliance, data and information governance and data value.
Nigel holds Master’s degrees in Data Protection and Information Governance, Information Rights Law with a speciality in Children’s and Young Person’s data sharing, Freedom of Information, and Environmental Information regulations law. He also holds practitioner level qualifications, wrote the first UK DPO CPD Accredited Training Course, and is the lead trainer for the DVLA.
Melanie is currently responsible for day to day running of DPAS. She leads our financial planning, operational decision-making, and our business strategy.
Having joined DPAS at the start of our journey, Melanie has continued to work closely with Nigel, growing the business to what it is now. She has a passion for all things business, and is continually striving to ensure DPAS is leading the field in data protection consultancy services.
With the recent success of DPAS becoming an accredited BCS training provider, she has worked with our Training Manager, Megan, to develop the training arm of the business.
DPAS is now considered a market leader in data protection training, working with one of the largest public sector organisations as their only training supplier.
Melanie also plays a key part in the success of our tender bids within the Public Sector.
Head of Data Protection Consultancy
Sandy is a fully qualified and experienced Data Protection Practitioner and lawyer. She holds the BCS Practitioner Certificate in Data Protection, along with a decade’s experience in this field.
As a dedicated professional, Sandy has a detailed knowledge of not only the General Data Protection Regulation (GDPR), but other related legislation as well. This includes the Data Protection Act 2018 (DPA 2018) and the Privacy and Electronic Communications Regulations (PECR).
With excellent practical application of the relevant law, together with an in-depth understanding of the guidance issued by the Information Commissioner’s Office (ICO) and the European Data Protection Board (EDPB), she is well equipped to provide a first rate data protection service.
Sandy’s experience has involved numerous dealings with the ICO on behalf of clients. She therefore has a clear and comprehensive understanding of the ICO’s role, and the impacts upon organisations and data subjects.
Sandy has previously worked for a local authority, during which time she gathered invaluable experience in relation to some of the challenges faced by the public sector.
Since specialising in privacy law and acting as DPO for organisations, Sandy has had the opportunity to undertake numerous roles. These involved the development of policy, procedures, and guidance in data protection, along with providing training on these topics to the staff of a wide-ranging client base.
Sandy also has a wealth of experience in preparing Data Protection Impact Assessments, Audits and Gap Analyses, Reports, Privacy Notices, Legitimate Interest Assessments, Data Processing Agreements and Contracts, all of which require close attention to detail.
DATA PROTECTION PRACTITIONER & TRAINER
Natalie is an Exeter University graduate, with a background in teaching Mathematics at GCSE & A-Level. After switching careers from education to Data Privacy, Natalie makes use of her academic skills in the world of data protection.
Natalie holds the BCS Practitioner Certificate in Data Protection and supports Nigel with our outsourced DPO services.
Using her teaching background, Natalie also helps to deliver some of our accredited training courses. She offers a practical approach to data protection.
Andy leads our Business Development within the public sector. He specialises in change management, project management and providing data protection services to local authorities and their partners.
Andy leads the sales division at DPAS, discussing with potential customers the benefits our outsourced services can provide their organisation.
Senior business analyst
Sarah has worked with DPAS as an Associate Senior Business Analyst since 2018. During this time, she has worked with key clients to deliver high quality information assets. Sarah has over 15 years experience as a Senior Business Analyst, across both Public and Private Sector Organisations.
Alongside Nigel, Sarah leads the Information and Cyber Security division of DPAS. She works with a variety of clients to protect their information and minimise data risks.
Subject access requests officer
Helen provides outsourced subject access requests redaction services to our public and private sector organisations.
Her expertise sits with health and social care redactions, applying exemptions where applicable.
Helen also runs a personal training company in Exeter in the evenings.
DATA PROTECTION PARALEGAL
Charlotte is our Data Protection Paralegal, having studied law at Cardiff University. She has worked in public and private sectors in Cardiff and the South West, and has experience in audits and providing legal services.
Megan is our Training Manager, responsible for the day to day running of all our courses at DPAS. Having studied Events Managements at university, Megan uses her skills and knowledge to set up, and deliver, high quality training courses to our clients.
Alongside the training programme, Megan will develop her Data Protection knowledge to expand her expertise in this industry.
Data Protection officer
Jemma works as part of the Subject Access Request team providing redaction services to various organisations.
Having previously worked as a Legal Executive for regional law firms where she specialised in residential property she has now transferred her background legal knowledge and skills to processing subject access requests.
In her spare time Jemma enjoys long walks with her dogs and cake decorating.
SUBJECT ACCESS REQUEST TEAM
Ellen currently works as part of the Subject Access Request Team to provide redaction services for a number of organisations.
She previously worked in the healthcare industry for NHS 111.
In her spare time, Ellen enjoys riding her horse and keeping active at the gym.
SUBJECT ACCESS REQUEST TEAM
In his spare time, Matt likes to keep active and is an avid basketball player.
OUR EXTERNAL TEAM
DATA PROTECTION Consultant
Mark works closely with DPAS, assisting onsite with GDPR projects and training.
Mark is a MBA-qualified Business Consultant with a successful background in managing the impacts of change on organisation design and the target operating model. He has a vast amount of experience with regulatory impacts, divestments and mergers. He has worked in B2B, financial services, banking, consulting, commercial, international and FTSE-100 corporate sectors.
Laura de Vries
Sr. Privacy Consultant
Laura has been working together with DPAS as a Sr. Privacy Consultant and is employed by our partner in the Netherlands, Cuccibu. She is CIPP/e, CIPM and CIPT certified, as well as holding a LLM in International and European Law and a MA in International Relations. Additionally Laura is in possession of a NIMA-A marketing certificate.
She has extensive experience as a paralegal and as a consultant working as a Data Protection Officer, Privacy Officer and (GDPR implementation) project lead for various organisations in diverse industries. Recently Laura collaborated with DPAS on the development of an overarching P&O data strategy for a large pharmaceutical company, focussing on data compliance, culture and value.
She combines her work experience with excellent communication, research and presentation skills.
As the CEO of Warringtons, Stephen offers Business Consulting services to organisations in the Membership, Publishing and Legal sectors, focusing on business change and big data initiatives.
By enabling the change of business systems and internal processes, as well as leveraging existing organisational data, Stephen solves his clients’ toughest challenges. This empowers his clients to deliver value more effectively and drive competitive advantage within their sector.
Ralph joins the DPAS team as one of our leading consultants, focusing on audits and training. After two decades of work at the forefront of the privacy sector, Ralph has built his career around making the intricacies of Privacy & Security risk management understandable.
He enjoys passing on his passion for privacy by translating often complicated legal concepts, into sustainable business processes. Ralph uses his knowledge of data protection laws and information governance standards to help businesses develop and grow, engage their stakeholders, and to deliver real value to his clients.
Ralph delivers some of our BCS certified courses along with data protection courses.
Barry is one of our training consultants. He has years of experience in the field and offers bespoke and off the shelf courses focusing on Information Governance within the Health and Social Care field.
Barry won the ICOs Practitioner Award for Excellence in Data Protection Award 2020. He is a Chair for the Eastern Region IG Forum.
Barry has had a number of successes during his career. He formed the first national Strategic Information Governance Network Group, and supported the development of the former NHS Information Governance Toolkit. He also developed a national career path in the NHS for those working in data protection.
Barry delivers our health focused GDPR training, SIRO and Caldicott Guardian courses.
Nav joins the DPAS team as one of our external training consultants. Nav’s experience is vast specialising in Cyber Security, Security Management and Security Architecture.
Nav has 23 years’ of experience leading Information Security teams, for International Organisations, all over the World.
Nav also has experience in the development of Security target operating models to support business and IT global functions. He has exposure to global regulatory change and control implementation with a specific focus on Asia Pacific. More recently focusing on the upcoming changes to European Data Protection Law.
Nav leads our Cyber Security training programme.
Inga enjoys bringing what some may see as a ‘dry’ subject to life through consultancy and training. She is able to translate complex data protection issues into clear and understandable language, enabling clients to make informed business decisions in relation to data protection.
She has experience of working with a range of public and private sector clients, including: tech start-ups, charities, multi-national organisations, Non-Governmental Organisations, and financial services organisations.
Inga has a PhD in Science and Technology Studies from University College London (UCL), and an MSc in Science and Technology Policy Research from Manchester University. She is a Certified Information Privacy Professional/Europe (CIPP/E), a Certified Information Privacy Manager (CIPM), and is an ISO 27001 Certified Information Security Management System (ISMS) Lead Implementer.
Bilal is an information governance professional, with more than 9 years’ experience in central and local government in and around London, NHS, regulatory bodies and the voluntary sector.
Bilal was on the British Standards Institute Committee for the GDPR update to the the data protection standard, BS 10012:2017. He also delivers our BCS Practitioner Certificate in FOI.
Bilal has also spoken on FOI at the 6th Conference of Scientific Archivists in Brazil; the PDP FOI Conference in London; the National Police Chiefs’ Council FOI/DP conference; trainer for Understanding ModernGov, Civil Service College; TNA IMLG and numerous other conferences.