We exist to solve the data protection issues facing our clients, both large

and small. Our unique pragmatic approach is not only what differentiates us,

but also what makes us successful. 

We lead by example and encourage our clients to really consider how they can create a value-added service by working in a data safe way.

Our team of experienced specialists..

Nigel Gooding

Chief Data Protection Officer

  • Grey LinkedIn Icon

As founder and Managing Consultant of the Data Privacy Advisory Service, Nigel leads

our team of Consultants, Project Managers, Business Analysts

and Data Protection Officers.

A certified GDPR Practitioner and Data Protection Officer (DPO), Nigel has worked in the private and public sectors. He has operated at board level as a board member of NHS Direct, Independent Parliamentary Standards Authority (ISPA) and for South West Ambulance Trust. He has held many data protection controller and security roles in data sensitive areas including working with MP, customer and patient records.


Nigel combines his experience with extensive operational management, stakeholder management and service redesign skills; including implementation of digital enablers and change management experience within challenging environments. 

Melanie Garnett

Operations Director

  • Grey LinkedIn Icon

Melanie heads up our operations, 

finance and HR. 


Melanie acts as our Business Manager whilst leading the sales team and completing our bid writing.

Aside from Melanie’s operational experience, she is a talented project manager who is able to manage senior stakeholder relationships with ease. Melanie is a leading GDPR project manager, having led the GDPR projects for an international retailer, an ambulance service and

a global recruitment agency. 

Melanie maps our client’s journey

to compliance, working through the audit and GAP analysis and

putting together projects plans 

whilst engaging with the senior stakeholders.

Sandy May

Head of Data Protection Consultancy

  • Grey LinkedIn Icon

Sandy has a hands-on approach in leading our clients to comply with the GDPR and data protection laws. 


Sandy works with the team to introduce good data protection principles and operating practices across multiple organisations, using a single system of assurance to keep data subjects and organisations safe. 


As our Head of Data Protection Consultancy, Sandy brings valuable knowledge and experience to DPAS, having specialised in data protection since 2011.


A qualified lawyer and data protection practitioner, Sandy has worked with a wide range of clients, from small private organisations to large public authorities, advising them on a variety of data protection matters, from straight forward subject access requests to comprehensive and complex audits.

Sarah Wilson

Director of Cyber and Information Security

  • Grey LinkedIn Icon

Sarah has worked with DPAS as an Associate Senior Business Analyst since 2018. Working with key

clients to deliver high quality information assets. Sarah has over 15 years experience working as a Senior Business Analyst across both Public and Private Sector Organisations.


Alongside Nigel, Sarah leads the Information and Cyber Security division of DPAS. Sarah works with

clients to better protect their information and minimise data risks.

Georgie Stevens

Sales and Operations Manager

  • Grey LinkedIn Icon

Georgie joins the team at DPAS bringing years of experience working with Local Authorities. Georgie is meticulous at administration and heads up our operations department, organising and planning our training and events.

Georgie is also in charge of business development and will be able to help our clients really understand what we can help them with; training, consultancy, cyber, DPO services and more.

Matt Cuthbert

Data Privacy


  • Grey LinkedIn Icon

Matt comes from an analytical background with experience of project management within a non-profit organisation.

Matt works with the team to lead clients to become compliant with GDPR and data protection laws.

Matt does this through the development and implementation of personalised tools for clients to enable current and future compliance to the regulations.

Mark Roebuck

GDPR Consultant

  • Grey LinkedIn Icon

Mark works closely with DPAS assisting onsite with GDPR projects and training. 


Mark is a MBA-qualified Business Consultant with a successful background in managing the impacts of change on organisation design and the target operating model. With experience in regulatory impacts, divestments and mergers, working across B2B, financial services, banking, consulting, commercial, international and FTSE-100 corporate sectors.

Helen Kukor

SAR Processing Support

  • Grey LinkedIn Icon

Helen leads our SAR processing services. Helen works with our clients to understand their redaction processes, internal SAR policy and provides redaction services to ensure the client adheres to the regulation.

Andy Ledger

Business Development

  • Grey LinkedIn Icon

Andy leads our Business Development within the public sector. 


Andy specialises in GDPR change management, GDPR project management and GDPR services to local authorities and their partners. 

Andy also assists with bid writing for DPAS. 


Contact us and find out how our data protection services can benefit your company. Before filling in the form please ensure you have read and understood our privacy notice.


10 Oaktree Place, Marsh Barton, Exeter,

Devon EX2 8WA

01392 914019

  • Black LinkedIn Icon
  • Black Facebook Icon
  • Black Twitter Icon

©2019 Data Privacy Advisory Service Ltd. ALL RIGHTS RESERVED


01392 914019

0203 3013384

 Privacy Notice

Please note all information on this website is for your help and guidance. It should not be regarded as an authoritative

or definitive statement of the law.