Startup Corner: Privacy Compliance Hub

Privacy Compliance Hub is a comprehensive data protection compliance programme. We hear more from founders Nigel Jones and Karima Noren, who met while working in Google’s legal department.

How would you describe Privacy Compliance Hub to a friend?

The Hub is an engaging platform which empowers organisations to get privacy sorted, in a continuous, demonstrable and cost effective way. 

And to a techy?

In much the same way! Our all-in-one platform enables organisations to establish, maintain and demonstrate a culture of continuous privacy compliance. It’s unlike other solutions, which can be cumbersome and costly, in that we’ll show you how to do it, give you everything you need to do it, and help you demonstrate that you’ve done it.  

When were you founded?

In the summer of 2017.

By who?

Our co-founders are Nigel Jones and Karima Noren.

Who are your key managers/senior execs?

We have chosen a novel way of working in that we don’t have multiple layers of key managers or senior executives. Instead of hiring big teams and having shiny offices, we work with highly experienced and knowledgeable experts and consultants. We share our vision and needs and they deliver. It’s an extremely efficient way of working and it’s how we make our product better every day. 

Who are your target clients?

Tech-enabled companies that process data with between 50 and 1,000 employees, although we have a few customer with many more and a few that have less! 

What is your plan (growth strategy)?

We are ambitious. Our growth strategy is simply to let everyone know we exist.

We truly believe in our approach for getting privacy sorted. We believe that if every tech-enabled company that processes data had a Hub, the world would have less of a privacy crisis. Our co-founder Karima Noren attended the recent ICO25 briefing, where the Information Commissioner, John Edwards, said the ICO is focused on empowering organisations to achieve real privacy compliance in a practical way. That’s what we do.  

Our platform is incredibly easy to use. There are no costly and time consuming implementations required. Organisations can get started with our free GDPR health check

And your key achievements?

There is research to suggest that 92% of Software as a Service (SaaS) companies close within the first three years. But we are alive, kicking and growing. Our clients value us. And we keep an open dialogue with them to continually evolve our Hub and what it offers them. We listen, learn, iterate and improve. 

We work with clients as varied as Channel 4, ClearBank, Railsbank, GoCardless, Second Nature, Proximie, and Keller Postman. 

Have you received investment?

We wanted to avoid ceding control by seeking outside investment. Therefore, we started selling iterations of our product for one off fees. Those fees went straight into product development.  Since 2019 we have been successfully selling our product using a monthly subscription model.

Have there been any key changes in direction since you were founded?

We were the lawyers helping our clients get out of trouble because they were not actively doing privacy compliance. We felt that this was bad lawyering and that we could do better for our clients.

We built a SaaS platform which enables organisations that care about privacy achieve real privacy compliance in the real world. It’s about embedding privacy deep in the DNA of an organisation.    

We also launched our ‘Hub Plus’ offering in conjunction with law firm Mishcon de Reya just over a year ago. Clients get the platform plus help from Mishcon de Reya, whether that be via their legal hotline, or by way of project management support to conduct meetings of the client’s privacy champions.

What are the key challenges in your market?

We don’t claim to offer a silver bullet because it doesn’t exist. That’s a challenge in and of itself because people like silver bullets. Our product uses technology to create a culture which solves privacy problems. But cultural change can be a harder sell. We’ll continue to do it though because it’s the right approach. That said, there are third party vendors that do promise a silver bullet and that can of course be detrimental to us. 

Organisations are also facing unprecedented economic pressure thanks to Brexit, the Covid-19 pandemic, Ukraine war and high rates of inflation. This means their funding has been cut for solutions such as ours. Some companies aren’t prioritising privacy compliance because they see it as a risk they can take. That it’s unlikely something will go wrong. Of course that’s only true until it happens.

There is also a lack of understanding that privacy is continuous. It’s a programme, not a project. It needs an owner. And it requires the involvement of everyone within a business. Everyone needs to understand privacy, care about it, and do their bit to protect it. 

Tell us something people don’t already know about the company?

Nigel and Karima met while working at Google – Nigel was the head of legal at Google EMEA, and Karima was the head of legal in emerging markets.