This web site uses cookies. You are free to manage your cookie settings in your web browser at any time. For more about how we use cookies, please read our data privacy policy.

We simplify GDPR implementation and operations


We simplify GDPR implementation and operations
GDPR compliance for organisations of all sizes

What is GDPR SMEs?

GDPR SMEs is the brainchild of Jim Ashton. Jim has many years experience in the data field accumulated over many years since delivering his first data warehouse project for an international investment and retail bank in 1997.

GDPR SMEs is a small company with big clients. We usually get called in for one of two reasons:

  1. our services stand out from the rest
  2. to clean up failed or stalled GDPR programmes that usually were started using big name consultancies.

We are experts, agile, responsive and highly knowledgeable.

Our mission

Our mission is to simplify the process for organisations like yours to become GDPR and PECR data protection compliant.

We engage with clients of all sizes across the entire profit and non-profit spectrum. Our services include consulting, managed services, training and outsourcing.

We have successfully delivered very challenging GDPR projects. We share our expertise and insight with you to help achieve your data protection objectives.

Our sector experience

Banking / Financial Services

  • ABN Amro : investment banking
  • BBVA : retail and wholesale banking
  • Capify Financial services - business funding
  • Citibank : retail and wholesale banking
  • Co-Operative Bank : retail and wholesale banking
  • Coventry Building Society : retail financial and mortgage services
  • Mizuho International Bank : investment banking
  • Morgan Stanley International : investment banking
  • PleasePay - Financial Management
  • UBS / SBC Warburg : equity sales


  • Met Life : all types of insurance
  • Thomas Miller : corporate insurance, professional indemnity insurance, wealth management
  • Tindall Riley : corporate insurance, professional indemnity insurance


  • BizSpace - business property leasing
  • Brightstar - wireless logistics and supply chain
  • Brookes Bell - marine consultancy
  • CloudMade - electronic vehicle tracking
  • Cogniance - bespoke software development
  • Fadata - insurance software development
  • International Chamber of Shipping - global marine trade association
  • IRIS Software : software development, B2B marketing, sales, supply chain
  • Muso - global piracy (IP) tracking
  • Nucleus Global - medical communications
  • Seiko Time Incorporated : retail marketing, sales, supply chain
  • Wolters Kluwer/Springer : publication

The face, name and experience behind this site

Jim Ashton

Owner and founder of GDPR SMEs

<?php echo $ptitle; ?>

<?php echo $ptitle; ?>


Over 20 years experience covering GDPR/PECR, Data Governance, Data Architecture, Enterprise Reporting, Transformation and Change to deliver: cost reduction, risk mitigation and increased efficiency.

Member of DAMAData Management Association and a Professional member of IAPPInternational Association of Privacy Professionals.


  • Insurance
  • Investment banking
  • Retail banking
  • Financial services
  • Business to business marketing and sales
  • Publication
  • Retail manufacturing and distribution
  • Supply chain and logistics

Business and engagement partners

GDPR SMEs needs to be flexible and concentrate on delivery. To achieve this we use two trusted partners that provide us with associate pools of skilled project and technical professionals who will get the job done under our vision, supervision and guidance.

<?php echo $ptitle; ?>
Bishopsgate Financial help us with delivery resources through a dedicated pool of associate resources.
<?php echo $ptitle; ?>
WeControl help us by providing the technology expertise we need to deliver aspects of digital security and compliance verification.