The UK Privacy Culture Awards June 2020

The Privacy Culture Awards will recognise and champion organisations and individuals that have considered privacy as an opportunity to gain a sustainable competitive advantage by embedding a ‘culture’ of privacy throughout their organisation.

This event is on the evening of PrivSec London June and will have over 500 people in attendance.

The story so far...

Data Protection World Forum is a producer of global events and publications focusing on the challenges and opportunities in data protection, privacy and cyber security.

Our events have been attended by over 20,000 delegates from around the globe, providing the latest information, guidance and advice to an ever-growing industry.

We have also been celebrating the achievements of those who are championing this evolving industry through our DPO200 and PrivSec200 lists.

The Privacy Culture Awards 2020 will shine a light on those organisations taking this nascent community to new heights, and driving-forward the progression of privacy.

Sector Awards:

Financial Services
Professional Services
Healthcare / Pharma
Retail/ E-commerce
Public Sector
SME (small-to-medium-sized enterprise)
Criteria for Sector Awards

This award is for an organisation within the Financial Services industry that stands out for its commitment to data protection and privacy.

In this heavily regulated sector, the constant shifting of sensitive, valuable information means even the smallest incident can have global repercussions. In such a turbulent data environment, it is imperative that data practitioners adhere to the highest standards of cyber-security.

The quantity of confidential information passing through Professional Services puts the sector under constant threat of an attack from would-be data thieves.

Safeguarding data and minimising risk have thus become core priorities for executives and IT professionals within Professional Services firms as they strive to support British businesses.

This award recognises the efforts of an organisation within Professional Services that has demonstrated its drive to improve data privacy, thus upholding the digital health of the wider UK economy.

The Healthcare and Pharmaceutical industries deal with our most personal and sensitive data. In such a high-stakes climate, providers are under increasing pressure as they bid to balance data privacy and cybersecurity with efficient delivery of the highest possible standards in care.

This award recognises an organisation in this sphere that has shown compliance with evolving data law while making measureable improvements to patient privacy.

Falling victim to the cyber-criminals is always an ever-present danger in today’s tech climate. The sheer weight of personally identifiable information (PII) as well as payment card data that firms in this sphere process means this reality is unlikely to change anytime soon.

This award recognises an organisation in Retail or Ecommerce that has taken strong action to mitigate this ongoing risk, in a way that meets the obligations of legislative frameworks such as the General Data Protection Regulation.

Data-driven marketing is an established standard for businesses across all industries, with marketing teams increasingly turning to personal information to craft consumer-base profiles with forensic detail.

As laws surrounding data handling have tightened, it has never been easier for marketing firms to compromise user privacy, fall foul of privacy regulators and fatally undermine the reputation for being a responsible data handler.

This award recognises the endeavours of a company within Advertising or Marketing that can demonstrate an ethical approach to cyber-security through a strategy that puts consumer. 

Cyber-attacks and data breaches have become a part of normal life for organisations in the Public Sector, with the UK’s councils and local authorities being hit by around 800 cyber-attacks every hour in 2019.

In such a critical data handling environment, bosses who fail to treat cybersecurity as an absolute priority risk a high-profile data breach and subsequent stiff financial penalties.

This award recognises the work of a Public Sector body that can evidence delivery of the strong data protection standards that UK citizens both expect and deserve.

Major Membership organisations must be paragons of trust and transparency when it comes to relationships with members. The GDPR has become a keystone of this trust, and a robust cybersecurity strategy that champions compliance is now an absolute minimum for bodies in this crucial sector.

This award recognises a Membership organisation that can show how it is adhering to the highest data privacy standards, while showcasing a cybersecurity strategy that aligns with evolving data law in the UK and abroad.

Technology underpins global digital transformation and the data on which it thrives. In turn, the industry must create solutions that complement the cybersecurity programmes of organisations that exist way beyond the parameters of the Tech itself.

This award recognises a company that upholds the strongest data protection standards, and which instils these standards into products and services to power the cybersecurity agendas of all those it touches.

With fewer resources to plough into sophisticated defence programmes, SMEs can often find themselves vulnerable to phishing campaigns, hacking and other forms of cyber-attack.

The stakes go up when you consider that financial loss, regulator penalties and reputational damage could easily put an SME out of business in the GDPR era.

This award recognises an SME that is responding to the criminal threat with a continually evolving strategy that prioritises data privacy and which nurtures a culture of care for private data.

The winner of an industry will have:

  • Excellent data protection and privacy standards
  • Demonstrated a commitment to upholding and progressing data protection and privacy processes
  • Instilled a positive corporate culture around data protection and privacy
  • Ensured that the protection of personal data and the right to privacy comes first. 


Entrants will be asked to submit a summary of their entry and a maximum 800-word explanation, demonstrating how they meet each criterion.

Questions to consider when writing your submission are:

  • What has your organisation implemented in terms of processes to ensure data protection and privacy are held to the highest standards?
  • How has your organisation instilled a positive privacy and data protection culture from top to bottom?
  • What challenges has your organisation overcome in ensuring compliance with data protection and privacy regulations? 
  • How does your organisation ensure the right to privacy and protection of personal data comes first?
  • Why should your organisation win this particular award? 

Champion Awards:

Professional Advice
Project of the Year
Data Hero
Data for Good
Women in PrivSec
PrivSec CEO of the Year
Criteria for Champion Awards

This award recognises the work of an individual who has implemented change and given advice and guidance on data protection within a Professional Services organisation. Judges will look at examples that demonstrate the individual’s efficient delivery of the highest possible standards of improving data protection within the industry.

This award recognises the efforts of an individual who has created or has been instrumental in implementing an innovative data protection initiative. Judges will look at the standout achievements, contributions to successful projects, with a focus on examples of innovation, and a demonstrable understanding of how data can create business value.

The Data Hero of the year will be awarded to an individual who has gone above and beyond with regards to data protection and cyber security.

Judges will look at the standout achievements and inspiring stories of individuals who have demonstrated strong data protection leadership and who play a decisive role in delivering world class standards of data protection for an organisation. 

Although Data Privacy and Security are separate entities, there is an inextricable link between both. This award recognises an individual who understands the importance of integration between both domains and who has created an integrated approach and perspective between two often siloed teams.

This award recognises an individual who has used data for a meaningful project, whether it be to address issues across the globe or for a local humanitarian issue such as poverty, health, human rights, education or the environment. The judges will look for inspiring stories that include overcoming obstacles, inspiring others, and being a person of influence in the wider sector and contributing to the public good.

The underrepresentation of women, particularly within cyber security has been a huge driver behind the talent skills gap in this sector.

This award recognises a woman within the data protection and security industry that has worked to change this dynamic for the better. The judges will take into account the accomplishments, values, and contributions of women within the wider world of security and data protection.

Complying with data protection and sustaining robust cyber security can often be daunting, particularly as there are constant regulatory changes in play across the globe, as well as a grow cyber threat.

This award recognises the CEO who has taken data protection and security seriously and has demonstrated that PrivSec is a core focus within the organisation. Judges will look for examples of how an individual has instilled a strong PrivSec culture within their team.

Thing to consider when writing your submission:

  • Why should the individual win this award? Please give examples of how the individual has gone above and beyond in reference to this specific award
  • What challenges has the individual overcome in ensuring compliance with data protection and privacy regulations? 
  • How has the individual instilled a positive privacy and data protection culture within a project or organisation?


Entrants will be asked to submit a summary of their entry and a maximum 800-word explanation, demonstrating how they should win the award considering the above questions.

Nominate here:


For further information on our Privacy and Cookie Policy and Data Privacy Notice click here.