CLARITY IN COMPLEXITY
Expert compliance consultancy, tailored to your business
Whether you're a small business taking your first steps towards compliance, or an established organisation looking for expert guidance, navigating data protection, information security and governance doesn't have to be complicated. At Westcroft Consulting, we bring clarity to complexity - working alongside you as a trusted partner to help you understand your obligations, manage your risks, and build practices that give you and your stakeholders genuine confidence.
Independent expertise, when you need it
WHY EXTERNAL EXPERTISE?
Having access to specialist expertise shouldn't be the preserve of large organisations with in-house legal and compliance teams. Bringing in an external consultant means you get focused, independent knowledge exactly when you need it - without the overhead of a full-time hire. We take the time to understand your business first, so that the advice you receive is practical, proportionate, and tailored to your specific circumstances.
SERVICES OVERVIEW
What we can help with
Data Protection & Privacy
GDPR and data protection legislation complaince reviews and support including:
Data mapping
Privacy notices
Subject access requests
Data processing agreements
Personal data breach management
DPO as a Service
A named, experienced Data Protection Officer (DPO) on hand to advise, oversee and guide your data protection responsibilities, including, regulatory liaison, without the commitment of a full-time hire.
Information Security
Risk assessments and management.
ISO 27001 support, including implementation, management and audit.
Incident response planning and management.
Employee awareness and training.
Governance, Risk & Compliance
GRC framework design.
Internal audit support.
Compliance gap analysis,
AI Governance
We offer a comprehensive range of consultancy services designed to fit around your business. Whatever your starting point, we're here to help you move forward with clarity and confidence.
EXPERIENCE YOU CAN TRUST
About the founder
Christopher McDonnell
Managing Director and Principle Consultant
With over 15 years of experience spanning data protection, privacy, information security and governance, Christopher founded Westcroft Consulting to do something straightforward: make expert compliance guidance accessible to organisations of all sizes, without the complexity, cost or jargon that so often comes with it.
His career has been built on translating complex regulatory requirements into practical, workable solutions. Having spent over a decade operating at senior level within large, multinational organisations - leading enterprise-wide privacy and compliance functions, developing data protection frameworks, overseeing privacy impact assessments, managing data breach response, and engaging directly with regulatory authorities. Christopher has built global privacy programmes from the ground up, embedding privacy-by-design principles across legal, IT and business functions in complex, cross-border environments.
What makes Christopher’s background a little different is where it started. Before moving into data protection, he spent nearly a decade as a nurse and senior nursing manager in the NHS and charitable healthcare sectors in London - leading teams, managing complex patient care pathways, and operating in environments where attention to detail, accountability and trust aren't optional. That grounding shapes how Christopher works with clients today: practically, carefully, and always with a focus on what actually matters to the people involved.
Christopher holds some of the most respected qualifications in the field, including CIPP/E, CIPM and the Fellow of Information Privacy (FIP) designation - awarded to fewer than 500 people globally, as well as ISO 27001 Lead Auditor, ISO 27001 Lead Implementor and Certified Data Protection Officer (C-DPO) credentials.
Based in Barcelona, Christopher works with clients across Europe and further afield, bringing senior-level expertise to organisations that need it - on the terms that suit them.