UK specialist DSAR practice

Specialist DSAR response.
Audit-defensible by design.

We only focus on subject access requests and provide a quality and affordable service. Our specialists are trained by Data Protection Officers overseeing data privacy functions at multinational, household brands. We understand the time and financial cost of dealing with these requests and use technology and expert knowledge to take away the stress from in-house teams.

What we do

Two options — complete outsourced fulfilment or advisory service.

Managed DSAR service

End-to-end DSAR fulfilment

We take the request and return a defensible response within statutory timelines. You retain the relationship with the data subject and the regulator-facing record — we handle the operational lift.

Our support:

  • Receipt, identity verification, and scope confirmation
  • Deduplication, redaction and exemption application
  • Response letter and audit-defensible record bundle
Discuss your DSAR volume
DSAR advisory

Advisory service

For teams who want to keep DSARs in-house but need the right process, training and playbooks.

Our support:

  • Policy, procedure, and template suite build
  • Disclosure decision frameworks and playbooks
  • Regulatory engagement support
  • Training using case studies
Scope an advisory engagement
Why us?

Specialist by design — not by default.

Our focus is on providing a quality, quick and affordable service. We solve a headache.

01

Specialist focus

We only do DSARs. Our advantage is the innovative use of new technology, deep practical experience and the understanding of the importance of audit trails.

02

Specialist delivery

Every engagement is shaped and overseen by a senior privacy professional with consulting and in-house experience.

03

Technology-enabled

Our use of workflow tooling accelerates intake, scoping, and review. Technology does the heavy lifting but our privacy specialists apply their deep knowledge to provide a quality result that is defendable and ready for release.

04

Audit trail by default

Every step in the process is logged, creating an audit trail that is clear and defendable.

Process

The DSAR process — end to end.

1Receive

Log & acknowledge

2Verify ID

Confirm identity

3Search

All systems

4Compile & dedup

Remove duplicates

5Redact

Protect third parties

6Review & exempt

Apply exemptions

7Finalise

Cover letter + sign-off

8Distribute

Secure & on time

All within 1 month (or 3 months for complex requests)

At the end of the process you are provided with a response pack that gives clear background and context for regulators and any follow-up requests or queries.

About Just DSARS

Built by a senior privacy practitioner.

Just DSARS is the dedicated DSAR practice within the VulaPri group — sister to VulaPri's fractional DPO and advisory practice.

All our agents are required to complete recognised qualifications, including the BCS Foundation Certificate in Data Protection. Ongoing training is provided by senior Data Protection Officers with multinational experience.

The practice head is Fred Oberholzer, a senior privacy practitioner with consulting and in-house experience across UK GDPR, EU GDPR, and global data protection regimes. Former EMEA Privacy Director and EMEA Group DPO at Canon Europe Ltd. Current IAPP Board Member.

Just DSARS Ltd is registered in England & Wales. Part of the VulaPri group.

Practice fundamentals

  • UK-registered entity — Just DSARS Ltd, England & Wales · Co. 17201994
  • Senior-led delivery on every engagement
  • UK GDPR & Data Protection Act 2018 baseline
  • Agents qualified via the BCS Foundation Certificate in Data Protection
  • Part of the VulaPri group
Get in touch

Tell us what's landing on your desk.

Contact us for a free consultation. Our pricing structure is clear and capped — our clients like the fact that costs are capped, preventing the cost escalation that can wipe out an annual budget with one complicated case.

Prefer email? hello@justdsars.com

We'll reply within one working day.