GDPR—Data Protection


Product Description

Enquire Now!

GDPR- Data Protection

Are you ready? This course teaches you how to ensure that your business is GDPR compliant.

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU.
What does the GDPR mean for your business?

GDPR is likely to impact smaller companies as a recent study shows that 82% of SMEs are unaware of the new legislation and will potentially be hit with large fines when it becomes enforceable on the 25th May 2018.

At the end of the course you will be able to take a knowledge test, print certificates and maintain your CPD portfolio.

Build your CPD portfolio

Accreditation is provided by the CPD Accreditation Group.

Who is it for?

This course is for business owners, corporate lawyers, digital marketers and anyone with responsibility for Data Protection compliance.


The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

This course teaches you how to keep your business compliant.


5 hours (online)

Tailored Training

This course is also available as a 1-day seminar. We will also look to tailor or develop training to suit individual business needs. For full information, a FREE consultation and FREE demo, please contact us.

Enquire Now!


• Importance of GDPR
• Key definitions
• Principles of Data Protection

Our Policies

• Legislative background
• Your role
• Collecting information

Lawful basis for processing

• Consent
• Contract
• Legal Obligation
• Vital Interests
• Public Task
• Legitimate interests
• Special category data
• Criminal offence data

Individual rights

• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling

Accountability and governance

• Contracts
• Documentation
• Data Protection Impact Assessments
• Data Protection Officers
• Codes of conduct and certification
• Guide to the Data Protection fee


• Harm caused by the loss of personal data
• The level of security required
• Organisational measures to consider
• Technical measures to consider
• Sector with their own security requirements
• Involvement of a data processor
• Pseudonymisation and encryption
• ‘Confidentiality, Integrity, Availability’ and ‘Resilience’
• Requirements for restoring availability and access to personal data
• How to ensure security measures are effective
• Staff

International transfers

• Transfers subject to appropriate safeguards
• Transfers based on an organisation’s assessment of the adequacy of protection
• Derogations from the prohibition on transfers of personal data outside of the EU
• One-off (or infrequent) transfers of personal data

Personal data breaches

• A personal breach
• Need to notify the ICO
• Amount of time to report a breach
• Information a breach notification must contain
• What if you don’t have all the required information available?
• When to tell individuals about a breach
• Other steps to take


• General approach to processing children’s personal data
• What to think about when choosing a basis for processing children’s personal data
• Rules about an ISS and consent
• Marketing to children
• Profiling children or making automated decisions
• Right to be informed
• Right to erasure
• Children Checklist

Build your CPD portfolio

Accreditation is provided by the CPD Certification Service.

You may also like…