Asset 1
Asset 1
Asset 1

Paul Gillingwater MBA, CISSP, CISM, RHCE

Associate Partner

Connect With Me


Paul is Head of IT Security and Data Privacy Team and Registered DPO at xTech and has worked for more than 30 years as a cyber security specialist and advisor to businesses with their governance, regulatory and compliance requirements. More recently he has advised on data protection and is a passionate advocate of online privacy rights education.

Blog 09 Aug, 2022

Responsible AI

Struggle for the Soul of the Internet: How AI can help

We are living in a time when the influence of the Internet is stronger than ever and is dramatically...

09 Aug, 2022

Blog 02 Aug, 2022

Responsible AI

Responsible AI

You can download our infographic...

02 Aug, 2022

Blog 08 Jul, 2022

Responsible AI

White Paper: Responsible AI

Every week we see amazing new applications of AI such as the apparent ability to have meaningful conversations with...

08 Jul, 2022

Event 10 Mar, 2022

Cyber Security, Data, Ransomware

Ransomware Readiness

Don’t play into their hands, play by your...

10 Mar, 2022

Blog 06 Jul, 2021

Privacy, Cyber Security, Data, Ransomware, Information Security

Handling a ransomware data extortion attack

Security commentators, such as Kevin Beaumont1, are calling ransomware an existential crisis. If not handled...

06 Jul, 2021

Blog 17 Jun, 2021

Digital Transformation, Data, AI

Chaucer and BIP xTech's point of view on the new European Union Artificial Intelligence Act

“If our era is the next industrial revolution, as many claims, Artificial Intelligence is surely one of the...

17 Jun, 2021

Blog 21 Apr, 2021

Digital Transformation, Data, Data Ethics, AI

Responsible Data: about AI and its new risks, and the draft EU law to regulate them

Do you remember when Uncle Ben told Peter Parker that “with great power comes great...

21 Apr, 2021

Blog 18 Sep, 2020

Data Strategy

What Comes After The Privacy Shield?

By now, I hope you've had a chance to review the white paper EU-US Privacy Shield And Brexit and watch the panel...

18 Sep, 2020

Report 07 Sep, 2020

Cyber Security

EU-US Privacy Shield And Brexit

This white paper provides background and analysis on the recent CJEU decision regarding the EU-US Privacy Shield, and...

07 Sep, 2020

Report 03 Mar, 2020

Data Strategy, GDPR, Data Science & Analytics, Strategy, People Management

Background Checks & GDPR

It is a commonly accepted practice that businesses have the right to carry out background checks on prospective...

03 Mar, 2020

Blog 04 Dec, 2019

Data Strategy, GDPR, Privacy

Data Protection And The Use Of A CRM

This paper is intended to provide guidance, from the perspective of the DPO, in the appropriate governance of Personal...

04 Dec, 2019

Report 01 Aug, 2019


Business Call Recording in the UK and the Data Protection Act

With the roll out by Microsoft of Skype for Business and its new capabilities for call recording, what are the...

01 Aug, 2019

Blog 04 Jun, 2019

Data Strategy, GDPR

Understanding Data Risk

The more I think about the risks associated with processing business-sensitive, personal or special category data, the...

04 Jun, 2019

Blog 21 May, 2019

Data Strategy, Data Science & Analytics

Chaucer Report: Brexit Briefing

Keeping up with everything Brexit related is overwhelming to say the least – are we leaving or are we...

21 May, 2019

Report 10 Apr, 2019

GDPR, Privacy

Briefing On Brexit & UK Data Protection Act 2018

Highlighting important and interesting news and trends in the privacy...

10 Apr, 2019

Blog 07 Jan, 2019

Data Strategy, GDPR, Privacy

Are you ready to start building your Privacy Operations Centre (POC)?

It’s January 2019, and it’s been nearly three years since GDPR impinged on the consciousness of privacy and data...

07 Jan, 2019

Blog 27 Dec, 2018

Data Strategy, GDPR, Privacy

Data Protection Strategy for 2019-2020

You’ve reached the end of 2018 having successfully implemented your GDPR programme – but what’s next for...

27 Dec, 2018

Blog 03 Dec, 2018

Data Strategy, Privacy

Webinar: UK Energy Sector Data Protection Concerns

The General Data Protection Regulation (GDPR) continues to have an impact on data protection and privacy requirements...

03 Dec, 2018

Report 03 Dec, 2018


Data Privacy Newsletter: Issue 3 December 2018

Highlighting important and interesting news and trends in the privacy...

03 Dec, 2018

Blog 29 Oct, 2018

Data Strategy, Privacy

UK Energy Sector: Data Protection Concerns

In this paper, we will consider what special concerns are faced here in the UK by startups and challengers, especially...

29 Oct, 2018

Report 01 Oct, 2018

Data Strategy, GDPR

Data Protection Concerns for Start-ups & Challengers in the UK Energy Sector

Looking at what data protection concerns are facing U.K. start-ups and challengers, especially (but not exclusively)...

01 Oct, 2018

Blog 12 Sep, 2018

Data Strategy, GDPR, Change Management

New Rules for Clinical Trials in France

A look at the new rules applicable for clinical trials in...

12 Sep, 2018

Blog 26 Jul, 2018

Data Strategy, GDPR

Crypto-currencies and GDPR

Once the sole province of cryptographers and mathematics geeks, crypto-currencies and the underlying blockchain...

26 Jul, 2018

Blog 25 Jul, 2018

Data Strategy, GDPR

DPbDD: Data Protection by Design and Default

GDPR Article 25: Data Protection by design and by default – what does it all...

25 Jul, 2018

Blog 02 Jul, 2018

Data Strategy, GDPR

ICO Audit Readiness Preparation

In June 2018, the UK Information Commissioner’s Office issued new guidance around the process they use to conduct a...

02 Jul, 2018

Blog 02 Jul, 2018

Data Strategy, GDPR

Dealing with Data Breaches under GDPR

There are at least three types of data breaches, which are not mutually exclusive: Breach of Confidentiality, Breach of...

02 Jul, 2018

Blog 08 Jun, 2018

Data Strategy, GDPR, Privacy

Priority of DPA18 over GDPR & the challenge of Brexit

While the Data Protection Act (2018) is the current law of the UK and will remain so after Brexit, it is necessarily...

08 Jun, 2018

Report 01 Jun, 2018


Data Privacy Newsletter: Issue 1 June 2018

Highlighting important and interesting news and trends in the privacy...

01 Jun, 2018

Blog 01 Jun, 2018

Data Strategy, Privacy

Data Protection Officer Services: Pharmacy & Health Care

Pharmacy and health care industry bodies lost their fight earlier this month to gain an exemption from requiring a Data...

01 Jun, 2018

Report 01 May, 2018

Data Strategy

The Age Of Information: Data Monetisation

Organisations are not prevented from monetising the data they collect. They just have to be smarter about how they do...

01 May, 2018

Blog 23 Mar, 2018

Data Strategy

3 GDPR mythbusters

Can a product make you compliant under the General Data Protection...

23 Mar, 2018

Blog 17 Mar, 2018

Data Strategy

Do you need a Data Protection Officer?

The GDPR acknowledges the Data Protection Officer (DPO) as a key individual in ensuring compliance within your company,...

17 Mar, 2018

Blog 23 Jan, 2018

Data Strategy, GDPR, Privacy

Data protection awareness programmes

Business owners are being encouraged to plan and prepare for compliance now in light of the new General Data Protection...

23 Jan, 2018

Blog 17 Jan, 2018

Data Strategy, GDPR

Subject Access Requests: 10 Tips

If your organisation fails to respond to an Subject Access Request (SAR) in a time mannered fashion, as indicated...

17 Jan, 2018

Blog 05 Jan, 2018

Data Strategy, GDPR

UK Policing and the GDPR

The General Data Protection Regulation (GDPR) is planned to become legislation in the UK on 25th May 2018. The UK...

05 Jan, 2018