DSAR as a Service

DSAR as a Service

An annual subscription service for organisations that do not have the time or expertise in-house to deal with DSARs (data subject access requests).

Save 10% on annual fees by paying in advance.

Enquire today
Price: £0.00
Excluding VAT

Collating relevant information to respond to DSARs can be challenging and time consuming, particularly as the data subject’s identity must be verified, data should be screened and third-party consent may need to be obtained. Outsourcing this requirement allows your organisation to get on with the job in hand, while maintaining compliance with the GDPR and fulfilling your DSAR obligations as required.

DSAR as a Service

We can support you throughout this complex process with DSAR as a Service. DSARs are processed by a team with extensive experience dealing with such requests. Dedicated support for the process from GRCI Law covers all areas of the DSAR process:

  • Reviewing and assessing the nature and validity of the DSAR.
  • Verifying the requester’s identity.
  • Liaising with the single point of contact within your organisation to locate the relevant data and to acquire all the personal information relating to the individual.
  • Screening the collated data.
  • Obtaining consent from third-party individuals where their personal information is contained within the search results, and, where it is unobtainable, applying redactions.
  • Applying lawful exemptions, if applicable.
  • Formally disclosing the information to the requester.
  • Documenting the facts relating to the DSAR.
  • Liaising and interacting directly with the relevant regulatory authority. 

This service is available either on an annual subscription basis, which is perfect for organisations that want DSAR help year round, or as smaller prepaid blocks of hours, which could help organisations with a particularly difficult DSAR or to cover staff absence. 

Service options:





Approximately 5 to 10 DSARs annually Approximately 11 to 20 DSARs annually Approximately 21+ DSARs annually According to your needs

Includes ability to service one-off DSARs
50 hours included 100 hours included 150 hours included

Key Contacts


About us

Led by our management team of experienced DPOs (data protection officers), lawyers, barristers, and information and cyber security experts, we provide DPO, breach, data privacy management, and data subject access request support, and associated non-reserved legal services.

We offer legal risk and compliance consultancy advice that you can trust, but without the burden of administrative duties and expenses that law firms must bear in order to carry out certain ‘reserved legal activities’, such as litigation, conveyancing and advocacy.


GRCI Law has completed the NHS Data Security and Protection (DSP) Toolkit online self-assessment tool which allows organisations to measure their performance against the National Data Guardian’s 10 data security standards, providing the assurance (to all NHS clients) that we are practising good data security and that personal information is handled correctly. If you process NHS patient data in any capacity, GRCI Law is able to assist you with all your data privacy requirements.

If you need assistance to become compliant with the DSP Toolkit, our sister company IT Governance Ltd offers several options to help you complete this exacting requirement.

Speak to an expert

If you have any queries or you’re unsure of how to progress, please get in touch with our team of experts who will be able to assist with your enquiry and provide guidance options.

Enquire today