DPO DPO Israel
Open as Markdown
Services

Eight privacy services.
One roof.

Full envelope of DPO, Privacy, GRC and InfoSec services for Israeli organizations after Amendment 13. The core is DPO as a Service — formal appointment under personal accountability. Around it: gap analysis, mapping, DPIA, vendor privacy, incident response, integrated GRC, and public tender response. Buy the full bundle, or just a single service.

Book an intro call Free check: do you need a DPO?
What's included

Eight services in one place

Core

DPO as a Service

Formal appointment of an outsourced Data Protection Officer. Single contact for the Authority, management, staff, and vendors.
Starting point

Amendment 13 gap analysis

Structured review against Amendment 13 and the 2017 Security Regulations. Prioritized gap report + 90-day action plan.
Foundation

Data mapping (RoPA)

Discovery and documentation of every personal-data asset — systems, fields, purposes, subjects, sensitivity, vendors.
New projects

DPIA — impact assessment

Data Protection Impact Assessment for new projects, AI systems, sensitive processing or third-party data sharing.
Supply chain

Vendor privacy & DPA

Vendor privacy questionnaires, DPAs (HE/EN), Transfer Impact Assessments, and contract lifecycle tracking.
Crisis mode

Incident response

Breach / ransomware / human error. 72-hour Authority report, data-subject communications, post-mortem.
CISO + DPO

GRC + Privacy combined

Integrated Governance, Risk & Compliance: ISO 27001/27701, risk assessments, controls, audits, SOC 2 readiness.
Public sector

Public tender response

Professional response for public DPO tenders: documents, CVs, proposed team, SLA, conflict declarations, certifications.
Retainer bundles

DPO as a Service tiers

Three retainer tiers. Prices are a starting point — not a closed box. Final pricing depends on scope, sector, and number of databases. Written quote within 48 hours after the call.

DPO Basic

Nonprofits, small businesses, small entities

4,500-6,500 ILS / month

  • Formal appointment
  • Basic mapping up to 3 databases
  • Short-form gap analysis
  • Baseline policies
  • On-call incident response
Get a quote
Most popular

DPO Public

Municipalities, mid-size companies

8,500-14,000 ILS / month

  • Everything in Basic
  • Full mapping of all databases
  • Annual work plan
  • Staff & committee training
  • Quarterly & annual reporting
  • SLA tracking
Get a quote

DPO + GRC Lite

Public tenders, healthcare, fintech, SaaS

15,000-28,000 ILS / month

  • Everything in Public
  • Part-time CISO/GRC days
  • Risk assessments
  • ISO 27001/27701 readiness
  • Vendor questionnaire management
  • Enterprise customer support
Get a quote
Project-based

Not committing to retainer? Buy a project.

ServicePrice range
Gap Sprint (90-day quick-start) 18,000-45,000 ILS
DPIA / PIA project 6,000-15,000 ILS / assessment
Vendor Privacy Pack 3,500-9,000 ILS / vendor batch
Incident Privacy Support 450-850 ILS/hr or 8,000-25,000 ILS / incident
Public DPO tender response 6,000-18,000 ILS / tender

Services — frequent questions

What is the difference between DPO as a Service and the GRC + Privacy package?
DPO as a Service focuses on the specific DPO obligations under Amendment 13: appointment, Authority response, management advice, staff training, ongoing privacy oversight. GRC + Privacy expands to the full Governance/Risk/Compliance framework: ISO 27001/27701, technical risk assessments, internal audits, broad oversight. Public sector combined tenders (CISO+DPO as a Service) require the combined package. See details.

Can we buy a standalone service without DPO as a Service?
Yes. Gap analysis, data mapping, DPIA, or incident response can be purchased as standalone projects. Many clients start with a Gap Sprint or mapping, then move into a DPO as a Service retainer.

Do you have public tender experience?
Yes. Public tender response is part of our offering, with ready response documents, proposed team, and sample SLA. Most current Israeli public tenders (Ramat Gan, Ganei Tikva, regional clusters, universities) require a Chief DPO + bench structure — which is exactly our model.

What about ISO 27701, GDPR, or SOC 2?
The GRC + Privacy package handles ISO 27701 readiness (the international privacy standard), GDPR support (for organizations active in Europe), and the Privacy controls required for SOC 2 Type II. The CISO in our bench covers ISO 27001 and the technical security framework.

What are the actual prices?
Basic retainers start at 4,500 ILS/month for small organizations, going up to 28,000+ ILS/month for full DPO + GRC packages. Project-based services (DPIA, Gap Sprint, tender response) are priced per deliverable. Every quote is customized after a 30-minute intro call — no shock price, no surprise add-ons.

Which services fit your organization?

30 minutes — followed by a written recommendation. No package pushing, no shock pricing.

Book an intro call