Services · Fixed-price project

GDPR in place — without lawyer hours or last-minute scrambles

Most small businesses know GDPR applies to them but lack the documentation. We map which personal data you process and set up everything that needs to be in place: records, privacy policy, agreements and routines. Fixed price, done in 2–3 weeks.

Fixed-price project

Price

NOK 12,900–24,900

excl. VAT

All prices excl. VAT.


What’s included

  • Mapping of which personal data you process, and where
  • Records of processing activities per GDPR Article 30
  • A privacy policy in Norwegian, tailored to your business
  • Data processing agreement (DPA) templates for your vendors
  • Cookie banner and consent set up on your website
  • A breach routine — what you do if something goes wrong
  • A short walkthrough with whoever will own this internally

How we work

  1. 01

    Mapping

    A structured 1–2 hour meeting where we go through what personal data you collect, why, and which systems and vendors are involved.

  2. 02

    Documentation

    We write the records of processing, the privacy policy and the breach routine, and adapt DPA templates to your vendors.

  3. 03

    Website setup

    Cookie banner and consent are set up correctly, and the privacy policy is published where it belongs.

  4. 04

    Handover

    We walk through everything together, answer questions and show you how to keep the documentation alive going forward.


A fit for you if

  • run a small business and never got GDPR properly in place
  • collect customer data through your website, forms or newsletters
  • get questions from customers about data processing agreements
  • want the documentation ready if Datatilsynet — the Norwegian data protection authority — asks

Common questions

What does the GDPR starter package cost?

NOK 12,900–24,900 excl. VAT, depending on how many systems and vendors you have. You get a fixed price before we start.

How long does it take?

Usually 2–3 weeks from the kickoff meeting until everything is delivered. The work itself is 8–12 hours, and most of it happens without disturbing your operations.

Are we done with GDPR after this?

You get the foundation: the documentation and routines the law requires. GDPR is still ongoing work — the records must be updated when you adopt new systems. The routines we deliver make that easy.

Do we need a lawyer as well?

Most small businesses don’t, just to get the documentation in place. Purely legal questions — like disputes or complex transfers abroad — we always refer to a lawyer.

What’s the difference between the starter package and the GDPR assessment?

The starter package builds the documentation from scratch and suits you if most of it is missing. The GDPR assessment is a gap analysis for those who already have something in place and want to know where the holes are.

What do we need to contribute?

One 1–2 hour mapping meeting, answers to a few follow-up questions and a final walkthrough. We do the rest.



Get your GDPR documentation in place