About Us

GRCI Law is part of GRC International Group plc. We are a specialist data protection and privacy legal and compliance consultancy firm. We offer a full suite of data privacy and data protection solutions to a global client base. Our clients operate in a wide range of sectors including health and social care, education, professional services, retail, technology, media and telecoms.

We are at the forefront of developments in the constantly evolving, challenging and complex field of data privacy.

We are market leaders in terms of depth and breadth of experience. Our team of lawyers and DPOs (data protection officers) have decades of experience between them.

We only advise on data protection, privacy and associated non-reserved legal services, which means our team has sector-specific knowledge and experience, and visibility of the latest trends, best practice, developments and challenges. Our clients view us as part of their teams and we are known for our pragmatic, commercial advice.

Not a traditional law firm

We offer legal risk and compliance consultancy advice that you can trust, but without the burden of administrative duties and expenses that law firms must bear to carry out certain ‘reserved legal activities’, such as litigation, conveyancing and advocacy.

Because we don’t provide these reserved legal activities, we are able to offer you high-quality, specialist advice at competitive rates.

Faster, more cost-effective and no conflicts of interest

We provide the independent support and services that traditional law firms cannot – either because they lack the necessary resources or because doing so would create a conflict of interest.

For example, the GDPR stipulates that although the DPO may fulfil other tasks and duties, doing so must not result in a conflict of interest.

Regulated solicitors therefore often can’t act for their clients as both DPO and lawyer. Outsourcing the DPO function to GRCI Law removes that conflict, enabling clients to continue to instruct their solicitors for legal advice on the ‘reserved legal activities’.

Indeed, for most law firms, it is more cost-effective to use our services than incur additional liabilities and risks by providing these services themselves.

All the GDPR support you need

  • Clients often struggle to manage their own GDPR compliance programmes. Our Data Privacy Manager Service can help.
  • Reviewing contracts to ensure they are aligned with the law is a challenge for anyone without a legal background. Our GDPR Contract and Legal Services can help.
  • The GDPR has created a huge demand for appropriately experienced and knowledgeable DPOs – official guidance recommends four to five years’ experience – that far outstrips supply. Our DPO as a Service can help.
  • When a data breach occurs, time is of the essence. To meet the GDPR’s 72-hour personal data breach reporting requirement, you need to respond appropriately and effectively. Our Retained Data Breach Management Service can help.

GRCI Law has the required knowledge and experience to help in these situations. Although part of GRC International Group, GRCI Law is a wholly independent company with its own management structure and staff. We provide our services entirely independently of our other group companies.

Being part of a larger group that offers a range of complementary services means we can help you with a wide range of compliance solutions as well as data privacy and cyber incident response.

Contact us

For more information about our services and what we can do to help you, call us on +44 (0)333 900 5555 or email grcilaw@grcilaw.com.