Whistle-blowing is a valuable feedback mechanism that allows an organization to understand the ramifications of its actions usually before they become a problem. If you consider that most notifiable data breaches are usually preventable, wouldn't you rather that the event didn't happen in the first place? - the affected people certainly would!


People suffer as a result of a data breach! Identity-Theft is just one way that real people suffer real loss, in the real world. We advocate whistle-blowing and we will address the concerns in your complaint in a calm and persuasive manner in an effort to educate and prevent a potential data breach down the track that does cause serious harm. While this might seem Utopian - data protection is about preventing serious harm and addressing issues before they get to that stage.

Whistle-blowing and whistle-blowers are protected by law in just about all the developed countries of the world, and it is seen as a valuable way of getting to the truth in organizations that are less than open to staff or employee engagement, this includes Government, Public and Private companies. In regions such as the US, UK, and Australia there are laws that prevent reprisal against whistle-blowers. In countries like India, it is a voluntary code, at the discretion of the employer.

How can we help you?

We can only assist people who have a complaint about a company, or government agency that is specifically Data Protection related. We encourage you to come forward - and confidentially tell us about your complaint. We will talk to the organisation and try to resolve the problem. You might have been told by your boss something like "company profits come before people's privacy" or "just use the data they will never know" neither of these is in the spirit of any Data Protection laws anywhere in the world, and are in fact, in most regions defying data protection laws. We will work out if there are any laws that your whistle-blower report breaches.

Is this Confidential?

Your identity as a whistle-blower will never be revealed to the company that the complaint is about. In fact, we are sworn by our Whistle-blower Collection Statement and Privacy Policy not to reveal any Personal Data about you to a third-party. Of course, the notable exceptions are courts and responsible appropriate government regulators or law enforcement agencies that may inevitably be called upon to further investigate your complaint. If your complaint is about a law enforcement agency's handling of personal data or a breach of data protection laws applicable to that agency, we will work with a federal or senior law enforcement agency that demonstrates oversight of the complainant agency.

How much does it cost?

This service is provided free of charge. Due to the large volume of complaints, we prioritise complaints based on severity and likelihood of harm (to others) and in all unresolved cases the issue will be reported to the appropriate law enforcement or government agency responsible for Data Protection investigations in the country that the complaint refers to, or the regions that demonstrate legislative control, which may not be the same country that the complaint refers to, but we will work that out with you. 

What sort of complaints can you lodge with us?

We only manage, handle or deal with Data Protection complaints. That is when people's private information is gathered, used, stored or abused in a way that is not considered reasonable by a "normal person" or simply breaches the law. For example, if you know that people have given information to your organisation via your website for a specific purpose and your company wants to use those personal details for something else, then this is the sort of thing that we can help you with. We're not asking you to know all this, we are, however, asking you to exercise genuine concern and judgment about the situation and if you think that people may get seriously harmed (e.g. Identity-Theft, financial loss, scams or physical harm) by these actions, we encourage you to report them, no matter how insignificant or minor it may seem.

What are the next steps?

To get the process started, you need to read and understand the Whistle-Blower Collection Statement and Privacy Policy and send an email to the address provided in that document with the appropriate information or complete the on-line form (below) with all the required details.

Will we keep you informed of the outcomes?

Yes - We will let you know each step of the way, what is going on with your case and if we need more information from you.

Be the First to Know... Visit & Subscribe to our BLOG

Contact Us

This form is for general inquiries. If you are emailing about an existing case regarding a client that we represent, please reply to any of the email communications that you may have received from us about your matter. If you want to lodge a data subject request with a client that we represent, please visit the Data Subject Request form. You will need to know the Membership ID of the company that you would like to service your request. This information must be published on the contact page of our members website and in their Privacy Policy or Collection Statement.

If you wish to lodge a Data Subject Request regarding our service, our GDPMS ID is UK440000. Only use this code if the request is to be handled by us, that is information we have about you. If you would like to read our Privacy Policy and Collection Statement.










Maizieres Les Metz


Cirie TO



United Kingdom

71-75 Shelton Street

Covent Garden


+44 20 7442-5785

(207) 442-5785

United States

Suite 3377

304 S. Jones BLVD

Las Vegas NV 89107

+1 85 5577-8682

(US/Canada Toll-Free)








Full Service Regions



PO Box 834


NSW 2057

+61 4 6621-2726

(04) 6621-2726

Collection Statement & Privacy PolicyWebsite Cookie Policy | Support Desk

© 2010 - 2019 SPTG LLC, GDPR Forensic Limited. All rights reserved.

Data Protection*Services and eu.uk.com are Trademarks of GDPR Forensic Limited (UK) and associated companies.

All prices on this website are EUR/EURO "€" unless otherwise stated.

The eu.uk.com star logo and the DPO and CA seals are Trademarks of GDPR Forensic Limited,

unauthorised use is prohibited.