top of page

Our Services

Fractional DPO Services

Not every organization needs a full-time Data Protection Officer, but many need access to experienced privacy leadership. Our fractional DPO services provide practical guidance on privacy compliance, data governance, and day-to-day decision-making.

Our fractional DPO support can include:

  • Privacy program design and roadmap development

  • Data mapping and processing activity reviews

  • Privacy notices, policies, and consent practices

  • Vendor and processor reviews

  • Data subject rights workflows

  • DPIAs and privacy risk assessments

  • GDPR and U.S. state privacy law guidance

  • Internal privacy training and stakeholder support

We help you build privacy practices that fit your actual operations and stage of growth.

Fractional CISO Services

Small organizations still face meaningful security risks, even if they do not need a full-time information security executive. Our fractional CISO services help you establish a practical security foundation and make informed, risk-based decisions.

Our fractional CISO support can include:

  • Security strategy and roadmap development

  • Security risk assessments

  • Policy and control development

  • Vendor security reviews

  • Incident response planning

  • Access and account management guidance

  • Security awareness training

  • Support with customer security questionnaires

  • Readiness planning for future frameworks or audits

We focus on building realistic security programs that improve resilience without overengineering your operations.

AI Governance Program Development

AI adoption can create real value, but it also introduces legal, ethical, operational, and reputational risks. We help organizations design practical AI governance programs that support responsible use without blocking innovation.

Our AI governance services include:

  • Development of AI governance frameworks

  • Acceptable use standards for AI tools

  • Accountability and oversight structures

  • Documentation requirements and governance records

  • Testing and monitoring expectations

  • Risk identification and mitigation strategies

  • Guidance for responsible adoption of AI tools and automated decision systems

We help organizations create governance structures that are practical, defensible, and aligned with how teams actually use AI.

Privacy Compliance Assessments

Understanding where you stand is often the first step toward meaningful privacy compliance. We assess current data practices against applicable legal and operational requirements and identify where improvements are needed.

Our privacy compliance assessments can include:

  • Reviews against GDPR, CCPA, and other privacy frameworks

  • Identification of compliance gaps and risk areas

  • Assessment of privacy notices and transparency practices

  • Review of consent practices and user choice mechanisms

  • Evaluation of internal procedures and controls

  • Prioritized remediation roadmap with practical next steps

These assessments are designed to help organizations move from uncertainty to a clear and manageable action plan.

Website Privacy & Cookie Compliance Reviews

Websites are often the first place privacy issues become visible. We review website privacy and cookie practices to help organizations improve transparency, reduce compliance risk, and align public-facing practices with applicable requirements.

Our website review services can include:

  • Review of website privacy notice accuracy

  • Assessment of cookie disclosures

  • Review of consent banners and user choice mechanisms

  • Identification of tracking technologies and related disclosures

  • Alignment review against GDPR, CCPA, and similar requirements

  • Recommendations to reduce regulatory and reputational risk

This service is especially useful for organizations that want to ensure their website reflects their actual data practices.

Privacy & Security Foundations for Startups

Early-stage companies need practical answers, not enterprise-level overhead. We help startups put basic privacy and security measures in place so they can grow more confidently and respond to customer expectations.

Common startup support includes:

  • Founder-friendly privacy and security roadmaps

  • Website privacy notices and cookie practices

  • Customer-facing security and privacy documentation

  • Data handling and retention guidance

  • Lightweight policies tailored to your operations

  • Support for sales, procurement, and diligence questions

  • Early preparation for enterprise customer expectations

We help startups build enough structure to reduce risk and support growth—without slowing the business down.

Nonprofit Privacy & Security Support

Nonprofits often handle sensitive data with limited time, budget, and internal support. We provide practical privacy and security guidance tailored to small teams and mission-driven organizations.

We can assist with:

  • Donor, volunteer, client, and beneficiary data practices

  • Privacy notices and internal policies

  • Basic security controls and risk reduction measures

  • Vendor and platform reviews

  • Staff training

  • Incident readiness planning

  • HIPAA compliant forms development

  • Responsible AI use guidance

Our approach is pragmatic, mission-aware, and designed for organizations that need meaningful help without unnecessary burden.

Policy, Documentation & Training

Strong programs depend on clear documentation and practical guidance that teams can actually use. We help organizations create policies, notices, and training materials that are understandable, useful, and tailored to real operations.

Examples include:

  • Website privacy notices

  • Internal privacy policies

  • Information security policies

  • AI acceptable use policies

  • Data retention guidance

  • Incident response plans

  • Vendor review checklists

  • Employee training materials

  • Leadership and board briefings

We focus on documentation that supports real decision-making, not generic templates that sit unused.

Need help getting started?

Whether you need fractional leadership, a privacy compliance assessment, an AI governance framework, or a website privacy and cookie review, Schinn & Burgess can help.

Contact us to request a quote or schedule an introductory conversation.

Data Privacy
Information Security
AI Governance
Compliance Audit
Website Privacy
Nascent Programs
Nonprofit
Policy

Schinn & Burgess is a low-volume boutique consulting firm providing fractional DPO and CISO services, along with practical advisory support in AI oversight, privacy compliance, and security governance. We primarily work with early-seed startups, nonprofits, and small organizations that do not have the budget for a full privacy or security program, but need experienced help to lay a firm foundation for growth.  Our services are designed to be clear, right-sized, and actionable. Below is a list of our core services.

Let us know how we can help.

Thanks for reaching out.

We'll be in touch soon.

bottom of page