Our Trainers

 Bal is an experienced Solicitor, COLP (Compliance Officer for Legal Practice) and holder of a GDPR Practitioner’s Certificate with almost 20 years of experience across a broad range of practice areas.

Having co-founded a successful legal practice in 2002, specialising in both contentious and non-contentious work, Bal decided to follow the compliance route for the next stage in his career and began to focus solely on privacy and data protection.

Having successfully helped to design and implement GDPR compliance programmes across the education, public and private sectors he is an experienced privacy lawyer well versed in the GDPR as well other national and international privacy laws. His work involves all aspects of data protection compliance including drafting policies and procedures, advising on lawful processing, marketing international transfers and Brexit planning.

Bal’s work has encompassed working with teams across business, technology, HR and technology functions to implement and embed privacy by design as well as dealing with ad-hoc queries for business as usual activities.

Bal is currently engaged as Global Privacy Counsel for the world’s third largest travel technology solutions provider where he is involved in all aspects of the business’s global privacy compliance programme.

Barry is one of our training consultants. He has years of experience in the field and offers bespoke and off the shelf courses focusing on Information Governance within the Health and Social Care field.

Barry won the ICOs Practitioner Award for Excellence in Data Protection Award 2020. He is a Chair for the Eastern Region IG Forum.

Barry has had a number of successes during his career. He formed the first national Strategic Information Governance Network Group, he supported the development of the former NHS Information Governance Toolkit and developed a national career path in the NHS for those working in data protection.

Barry delivers our health focused GDPR training, SIRO and Caldicott Guardian courses.

Bilal is an information governance professional, with more than 9 years' experience in central and local government in and around London, NHS, regulatory bodies and the voluntary sector. 

Bilal was on the British Standards Institute Committee for the GDPR update to the the data protection standard, BS 10012:2017. He also delivers our BCS Practitioner Certificate in FOI. 

Bilal has also spoken on FOI at the 6th Conference of Scientific Archivists in Brazil; the PDP FOI Conference in London; the National Police Chiefs' Council FOI/DP conference; trainer for Understanding ModernGov, Civil Service College; TNA IMLG and numerous other conferences.

Gary is an experienced Data Protection, Cyber Security and Data Governance professional having spent almost two decades managing Data, Intelligence and Information Teams.

He has a strong commercial background having operated in both the United States and the United Kingdom at board and senior management levels within organisations such as Safetywing.com (Silicon Valley) HMRC, Yorkshire Building Society Group, Together Financial Services Ltd, the Home Office, JBW Group, Marks and Spencer PLC and the Cheshire Constabulary. 

Gary has led numerous GDPR programmes, successfully delivering not only compliance, but also defined BAU ways of working and successful implementation of robust data governance frameworks.

He is a proficient privacy trainer and can devise policy, procedures and training modules that are intuitive and relatable to office and field-based staff, suppliers and partner agencies.

Gary has experience in managing suppliers and third-party service providers, effectively carrying our compliance assessments and identifying risk areas for remediation. This includes the inclusion of robust on-boarding procedures and review of contract content.

He has background in managing stakeholders ranging from board members to senior managers and Members of Parliament. I have a pragmatic approach to compliance, have the ability to apply sound judgement and effectively demonstrate balanced commerciality when making decisions.

Inga has a PhD in Science and Technology Studies from University College London (UCL), and an MSc in Science and Technology Policy Research from Manchester University. She is a Certified Information Privacy Professional/Europe (CIPP/E), a Certified Information Privacy Manager (CIPM), and is an ISO 27001 Certified Information Security Management System (ISMS) Lead Implementer.

Inga enjoys bringing what some may see as a ‘dry’ subject to life through consultancy and training. She is able to translate complex data protection issues into clear and understandable language; to enable clients to make informed business decisions in relation to data protection. She has experience of working with a range of public and private sector clients, including: tech start-ups, charities, multi-national organisations, Non-Governmental Organisations, and financial services organisations. 

Natalie is an Exeter University graduate, with a background in teaching Mathematics at GCSE & A-Level. After switching careers from education to Data Privacy, Natalie made use of her exceptional organisation skills, and eye for detail assisting the Operations Director in the day-to-day running of DPAS.

Natalie also helps to deliver some of our accredited training courses, using her teaching background to offer a practical, professional approach and ensure consistent outcomes

Nav joins the DPAS team as one of our external training consultants. Nav’s experience is vast specialising in Cyber Security, Security Management and Security Architecture. 

Nav has 23 years’ of experience leading Information Security teams, for International Organisations, all over the World. 

Nav also has experience in the development of Security target operating models to support business and IT global functions. He has exposure to global regulatory change and control implementation with a specific focus on Asia Pacific. More recently focusing on the upcoming changes to European Data Protection Law.

Nav leads our Cyber Security training programme. 

The Data Privacy Advisory Service was started by Nigel Gooding in March 2017. Nigel has worked in many different private, and public sector organisations as a consultant, specialising in data protection for the majority of his career. The company was grown out of his passion to protect data and his pragmatic view around how to do this.

Nigel, who wrote the UK's first CPD Accredited DPO Training Course. Nigel who has been DPO for South Western Ambulance and Macmillan Cancer support as well as managing a shift as an Health Care Assistant in local Emergency Department.  Nigel has also worked for 2 regulators and was the Chief Operating Officer for NHS Direct and in his spare time is writing his Masters in Information Rights Law and Practice dissertation to add to his Postgraduate Diploma and Certificate.

Ralph is a trusted advisor on Global Privacy and Security compliance, practices and management. He believes good information governance adds business value to achieve business objectives and return on investment. His role includes acting as a senior level "translator" between IT, business and compliance professionals, thought leadership, business development, partnerships and product development.  His experience includes strategic GDPR adoption programmes, advisory services and assurance delivery in global multinational environments.   

Prior to that, he has been an experienced Product and Services business development lead, Principal Consultant and Manager, delivering training, consultancy and audit of data protection, business continuity and information security - Management of consultancy and audit teams across multiple topics, responding to tenders and delivering solutions proposals. He is a BSi lead assessor and BCS/ISEB lead tutor in information security management.  

He has worked in a wide variety of industry sectors including the with a focus on Defense, Public Sector, Pharma and Financial Services, representing both multinational corporations and boutique specialist consultancies.   

He continues to be a hands-on practitioner, combining business level consultancy with training and technical experience. He has implemented the ISO 27002 code of practice and has repeatedly both assessed and implemented ISO/IEC 27001, BS 10012-2, ISO 9001 and BS25999-2 standards through to certification. He was responsible for the first global joint 27001/25999 management system to be certified.  

With a focus upon business processes and the protection of information, and an ethos of management assurance, risk management and knowledge transfer he continues to ensure effective protection of assets appropriate to the business needs of the client.

As our Head of Data Protection Consultancy, Sandy brings valuable knowledge and experience to DPAS, having specialised in data protection since 2011.

Sandy has a hands-on approach in leading our clients to comply with the GDPR and data protection laws. She works with other members of our team to introduce data protection principles and operating practices across multiple organisations.

As a qualified lawyer and data protection practitioner, Sandy has worked with a wide range of clients, from small private organisations to large public authorities, advising them on a variety of data protection matters, from straight forward subject access requests to comprehensive and complex audits.