Back to Case Studies
Compliance

"Zero ICO complaints. 15 requests. 100% on-time."

The GDPR Deadline

100%
On-Time Rate
15
Cases Handled
Zero
ICO Complaints

Situation

Someone asks for their data under GDPR Article 15. You have 30 days to respond. Miss the deadline, the ICO can fine you up to £17.5 million or 4% of annual turnover. Most companies panic when they get a DSAR. They don't know where the data is. They don't know what to include. They don't know how to redact third parties. No system existed. No process. No documentation.

Task

Build a complete DSAR processing system that guarantees compliance and eliminates the panic.

Action

Created the entire framework from nothing:

  • 8-stage workflow: From receipt to delivery, every step documented
  • 1,460-line knowledge base: Every Article 15 requirement covered
  • Third-party redaction protocol: 336 lines, 3-step decision tree
  • 15-category data checklist: All personal data types identified
  • Case law integration: Ashley v HMRC, Harrison v Cameron precedents
  • Interactive dashboard: Color-coded deadline tracking, status alerts
  • Template library: Response letters, acknowledgments, extensions

Result

  • 15 DSAR cases handled
  • 100% on-time delivery (21-day average vs 30-day deadline)
  • Zero ICO complaints
  • £17.5M+ potential fines avoided
  • Framework now handles all requests automatically

Ownership

I built this entire system. Every process. Every template. Every knowledge base entry. I handle the DSARs. I deliver the responses.

Want results like these?

Tell me what's broken. I'll scope a fix and explain exactly what you'll get.

Email hello@anomalyops.com