our values

Heimdall360 Ltd are experienced Data Protection and Information Security specialists who are dedicated to helping you find the right level of protection for your data. We can help you comply with GDPR, UK Data Protection law, CCPA and others by ensuring you have the right policies, processes and information security controls in place. With more than 30 years’ experience across multiple sectors, we understand there is no single, one size fits all solution to data security. What we deliver to you will be a solution that fits your organisation's specific needs, is compliant and more importantly can be easily maintained.

We believe our values of honesty, integrity and responsibility closely match the Data Protection principles of transparency, fairness and accountability. This guides us in the way we support our clients, and we strongly believe if you can demonstrate these values in your Data Protection and Information Security controls, they will also guide you towards being legally compliant.  

who we support

Established in 2014 and based in Oxfordshire, we have helped a number of clients from different industries implement or improve their Data Protection and Information Security controls.  

We have worked across sectors from education and research to manufacturing and retail; helping them understand their data lifecycles and how best to protect their business, their clients and their suppliers. Every business is different, so it's about finding the right solution that can be implemented and maintained in your environment.

Who Are We?

Heimdall360 Ltd was founded by Lee Ellaway in 2014 after spending nearly 30 years in the military collecting, storing, sharing and securing sensitive data as part of operational investigations in the UK and abroad. He has worked within and led organisations of various sizes, in different situations and environments, using a variety of systems and data types, to effectively manage and secure their data.

Since founding the business Lee has helped organisations protect themselves and their customers by establishing effective data management structures and controls.  As a certified Data Protection practitioner, Information Security manager, a Lead Auditor and Implementer of ISO27001, he can provide a single source of advice across the whole range of requirements for GDPR and a number of other Data Protection regulations.

We've been certified by