ClaritaAdvisory

Outsourced information governance · local authorities

When the requests keep coming and the team doesn’t grow.

Clarita Advisory provides outsourced FOI, SAR and data protection support to local authorities and public sector organisations. We handle the work. You meet the deadlines. Every time.

Tell us what you needOur services →
Professional office meeting scene

Professional support for statutory obligations

Calm, responsive support for FOI, SAR, DPIA and operational information governance demands.

20

Working days — FOI statutory deadline

30

Calendar days — SAR statutory deadline

72

Hours — ICO breach notification window

0

Deadlines missed — our commitment to you

Our services

The statutory obligations don’t pause. Neither do we.

Whether you need a specialist to take requests off your desk entirely, a Data Protection Officer without the full-time salary, or expert support for a specific project — we have it covered.

Request handling

FOI request management

Twenty working days is not a target — it is the law. We manage FOI requests end to end: validating, applying exemptions, drafting responses and handling ICO referrals. Your team sees the finished response, not the hours behind it.

FREEDOM OF INFORMATION ACT 2000

Subject access requests

A SAR touching five systems, containing third-party information and arriving the week your IG officer is on leave is not unusual. We handle the search, collation, redaction and response — complex, disputed or high-volume — within the 30-day statutory limit.

UK GDPR ARTICLE 15

Data protection impact assessments

New case management system? Shared platform with an NHS partner? These trigger an Article 35 obligation. We conduct the DPIA from initial screening to a signed-off written report — giving your project board the documented assurance it needs.

UK GDPR ARTICLE 35

Ongoing advisory

Remote data protection officer

UK GDPR Article 37 requires most public authorities to appoint a DPO — independently, expertly and properly resourced. We provide a qualified named outsourced DPO: advising on processing decisions, maintaining your ROPA, supporting your team through incidents and acting as ICO liaison. Packages tailored to your organisation and quoted on request.

UK GDPR ARTICLES 37–39 · RETAINED MONTHLY

Breach response support

When a breach is identified the 72-hour notification clock starts. Most organisations do not have a rehearsed response process — and the moment a breach happens is not the time to build one. We provide immediate support through containment, impact assessment and ICO notification decisions.

UK GDPR ARTICLES 33 & 34

Compliance & project work

IG health check

A structured review of your information governance position. Policies, procedures, privacy notices, ROPAs and data sharing agreements assessed against UK GDPR. You receive a written report with prioritised findings — often the fastest way to identify risk before the ICO does.

FIXED FEE · WRITTEN REPORT

ROPA development & maintenance

Your Record of Processing Activities is a live obligation — not a one-off document. We build it from scratch or bring an existing one up to standard, and maintain it as your services evolve.

UK GDPR ARTICLE 30

Consultancy & project work

Privacy notices residents can understand. Data sharing agreements. Legacy data audits. Staff guidance. If it sits in the IG space, we scope and quote for it — one piece of work or an extended arrangement.

FIXED FEE · DAY RATE · PROJECT BASIS

See full service details
Professional reviewing documents at a desk

Why Clarita Advisory

We know what it actually looks like inside a council IG team.

The backlog that builds over a bank holiday. The SAR that arrives on the last day of term. The DPIA that lands in your inbox the day before the project goes live. We have seen all of it — because we have worked in it.

Clarita Advisory is led by a CIPP/E certified professional with over ten years in local government IG. We do not need to learn how public sector organisations work. We already know.

What that means for you

  • • No onboarding period where we learn your sector. We arrive knowing the FOIA exemption landscape, ICO enforcement priorities and what your monitoring officer needs to see.
  • • Responses in plain English — requestors who understand the answer are less likely to submit an internal review.
  • • One named contact for every piece of work. No account managers, no escalation chains.
  • • ICO registered. Professionally indemnified. Strict confidentiality on every instruction.

Getting started

Operational within a week. No lengthy procurement needed.

For contracts below the relevant threshold, councils can engage us directly — no tender required.

01 — INITIAL ENQUIRY

Initial enquiry

Tell us your situation — volumes, backlog, upcoming projects. No commitment.

02 — SCOPING CALL

Scoping call

Short conversation. We confirm what we’d do, how, and at what cost — in writing.

03 — AGREED & SET UP

Agreed & set up

Simple contract, purchase order raised, access and communication confirmed.

04 — WE HANDLE IT

We handle it

Work begins. Deadlines tracked and met. You’re informed at the level you want.

Start a conversation

Contact

The backlog won’t clear itself.

Send us a message and we’ll respond within one working day. No sales pitch, no pressure — just a straight conversation about whether we can help.