Skip to content
Get in touch Support Hub Investors
Book a demo Free trial

General Data Protection Regulation (GDPR)

Data protection relates to how all organisations collect, use, and store personal and sensitive data. That includes the government, companies, service providers and anyone who manages data.

Data protection legislation, which includes the General Data Protection Regulation (GDPR), aims to help prevent data misuse and inflicts penalties on those in breach of the law.

Our Data Protection Online Training Course will help your employees understand what personal and sensitive data are, why they need protection, and how to comply with the GDPR.
Start your trial Course details

Learning objectives

  • Distinguish between non-personal, personal and special category ('sensitive') data
  • Recognise how our Company complies with the General Data Protection Regulation (GDPR) and other data protection legislation
  • Take appropriate action to safeguard personal and special category data
  • Identify how and when to report breaches

    What can you expect your employees to learn?

Introduction

What is Data Protection?

  • You decide: The importance of data protection
  • You decide: Breaches of data protection law
  • Crossing the line: Breaches of data protection law
  • Who is involved in data protection?
  • Personal data
  • Special category ('sensitive') data
  • You decide: Types of data


Data protection legislation

  • The GDPR
  • Rights of the data subject
  • Scenarios: Rights of the data subject

The data protection principles

Principle: Lawfulness, fairness & transparency

  • Lawful bases
  • Lawful basis: Consent
  • Scenario: Getting consent
  • Scenario: A customer withdraws consent
  • Scenario: Passing on contact details
  • Lawful basis: Legitimate interests
  • Legitimate interest assessments
  • You decide: LIAs
  • Documenting & reviewing LIAs
  • Data protection impact assessments

Principle: Data limitation

  • Scenario: An offer for a new service
  • Scenario: Contacting customers' connections

Principle: Data minimisation

  • Scenario: Information from job applicants
  • Scenario: Information from customers

Principle: Accuracy

  • You decide: Keeping data accurate & updated

Principle: Storage limitation

  • Scenario: Retaining job applicants' details
  • Scenario: Keeping details of former customers

Principle: Security, integrity & confidentiality

  • International transfers of personal data
  • Scenario: Gina's data transfer
  • You decide: Are additional safeguards required?

Data subject access requests

  • Dealing with DSARs
  • You decide: Is it a valid DSAR?

Personal data breaches

  • Scenarios: Personal data breaches
  • Notification of breaches
  • Scenario: Stolen data

Accountability & governance

  • Records of processing activities
 

Penalties

  • Crossing the line: Further breaches of data protection law

Your responsibilities

Summary

Affirmation

Assessment

Hear from our learners

Excellent easy-to-use LMS which Skillcast have specifically tailored to our needs to also host a Global Policy Portal and global staff surveys, alongside providing live MI reporting.
Being able to personalise our own training has been a game-changer! Excellent training was provided on how to use the CMS and the support team have been so helpful, patient and quick to reply when I've got stuck.
We have been enjoying e-learning with Skillcast for 10 years now. Their customer service is always at the highest level, always very attentive, responsive, and polite. Highly recommend to any company who is looking for a high quality e-learning and customer service (they have both in high standards).
We started using Skillcast for our employee's compliance training a few months ago and the experience has been excellent. Skillcast was very efficient in the set up process they then helped support us with rolling out our staff training in a seamless way. The course content is highly detailed and professionally delivered. Overall, I would highly recommend Skillcast as your LMS training provider.
Excellent courses with a brilliant support team
We've been using Skillcast for approx. 1.5 years and have been very happy with the service received and the courses offered. The customer service from the support team is excellent, they always respond quickly and are very helpful. The courses offered cover a broad range and the FCA courses were particularly useful to our business.
Incredibly helpful support team, who work with you to provide tailored advice and practical assistance. You are supported every step of the way. Would highly recommend.
I cannot overstate how happy with are with Skillcast. They are prompt, attentive, patient and always so good humoured. The teams work seamlessly, and there is always someone to cover in the absence of a team member. I am always impressed and very happy to work with the team.
A great LMS with a dedicated and knowledgeable team behind it. The LMS has a number of features that are gradually shared and which keeps on being developed.
Every member of the team I have had dealings with have been quick, efficient and very accommodating. No task or query is to big for them, and always a quick and prompt response. Pleasure to work with
We use Skillcast for our corporate training and it's a good LMS platform with a great variety of courses available. The platform is user-friendly and easy to navigate, and courses are up to date with legislation.
Skillcast is easy to set up and use. You can design the colours of the platform to fit you company branding. Support team are very helpful and nothing is too much trouble.
Excellent systems, user-friendly and easy to use.
Skillcast is a great platform to use for Compliance e-learning. The staff found the courses informative and engaging. There is a wide range of compliance related topics on the essentials library. The LMS is easy to use, and provides reports to track staff progress, which is a helpful feature.
The range of course libraries are comprehensive and the ability to select from multiple modules was important to us. The Global Library provides courses in multiple languages. We were also impressed with the microlearning modules. The platform is a great option for us and for our business requirements. We can also trust in Skillcast to review and update the modules so that they remain relevant and incorporate the latest developments in regulation.
Excellent services provided by the Skillcast team and the Skillcast system is simple to use.
The service provided for our company is excellent. The platform provides essential training for our business. When liaising with Skillcast in preparation for training delivery their customer service is excellent and we would definitely recommend.
Skillcast has truly transformed our approach to compliance training and tracking at Imagination. Not only does it seamlessly manage our global company's compliance requirements, but it also enhances employee engagement through its user-friendly interface and interactive content. What sets Skillcast apart is not just the platform itself, but also their exceptional customer service team. They are responsive, knowledgeable, and dedicated to providing tailored solutions to our unique needs. It's been instrumental in streamlining our compliance processes and fostering a culture of proactive risk management, growth & development."
They listened to our needs and helped tailor the existing course to our organisation with ease, ensuring accessibility requirements were maintained and the training was engaging and presentable. All their help was been very appreciated and I couldn't have asked them to do any more for us. I would recommend Skillcast to anyone looking to bring in new training modules to their organisation.
Skillcast provide an A-star product with excellent customer service support.

Start your compliance e-learning journey with a free trial

Our no-obligation free trial gives you access to our libraries and compliance platform. 

Ready to start your free trial? Complete the form, and a member of the Skillcast team will be in touch with further details.

Your questions, answered

Data Protection (GDPR)

Common FAQs

Where can I track incidents involving personal data?

Tools such as a Data Breach Register enable you to log, track, and respond to data breaches and similar incidents efficiently. Skillcast offers this tool, making it easy to document and manage incidents in line with compliance requirements.

How can I ensure that employees formally attest to our internal Data Protection Policy?

Our Policy Hub tool allows you to easily assign policies, track when employees read them, and capture their attestation with a simple digital acknowledgement. The tool also provides automated reminders to employees who haven't yet acknowledged the policy, ensuring full compliance and a clear audit trail.

Are Skillcast courses SCORM-compliant?

Yes. This means they can be delivered via the Skillcast Portal or any other SCORM-compliant Learning Management System.

What other tools are needed beyond training?

A comprehensive compliance solution often needs more than just training. Alongside e-learning, tools like declarationssurveys, and registers that track compliance tasks are usually essential. Skillcast provides full support to help you set up these additional tools.

Is our training content still compliant with the latest legislation?

  • You can check the latest course content updates in our library updates page: https://www.skillcast.com/compliance-course-library-updates
  • For major legislative changes, we:
    • Will send you email alerts to ensure you are notified
    • Offer you a free trial of newly created or updated content
    • Host webinars with compliance experts to explain the changes and how our training supports your ongoing compliance

Can you translate our content into other languages?

Yes, we offer translations in a wide range of languages. Let us know your needs, and we’ll confirm availability or work with you to plan translations for your selected modules.

How can I give employees a secure way to record suspicious activity so we can act quickly?

Our Suspicious Activity Register allows staff to log concerns or irregularities they observe, helping you detect potential issues early. The secure register can be reviewed by compliance teams, enabling prompt investigation and action.

What file types are supported by the Skillcast system?

Features

Supported file types and details

File Exchange

File types: PDF, Excel spreadsheets, Word documents, SCORM and xAPI files, and compressed zip files. Max file size: Default is 1GB, can be increased to a max of 2GB

SCORM files

Versions: SCORM 1.2, SCORM 1.2 for Moodle, SCORM 2004 2nd, 3rd and 4th Edition. Max file size: 1024MB

xAPI file

Max file size: 2GB

Videos

File types: MP4 or MOV. Videos must be optimised, with a max file size of 100MB. If the file is bigger, our Design Team can help

Images

File types: jpg, png and gif. The file size should ideally be 100KB, but it can be up to 250KB

CPD evidence

File types: Word, PDF, Excel and CSV. File size: the limit should be whatever the portal config option is set to. Servers are set to max 2GB

Policy documents

PDF or Word File size: the limit should be whatever the portal config option is set to. Servers are set to max 2GB

Offline activities evidence

File types: PDF, DOC, DOCX, XLS, XLSX, CSV, PNG, GIF, JPEG, JPG, PPTX and MSG. File size: the limit should be whatever the portal config option is set to. Servers are set to max 2GB

Client logo files

File types provided by client: EPS, PDF, AI and SVG

Registers

PDF, DOC, DOCX, XLS, XLSX, CSV, PPT, PPTX, POT, PPA, PPS, JPG, JPEG, PJEPG, PNG, BMP, GIF, MP4, MOV, WMV, CPTX, CP, TXT, ZIP and MSG files

Declarations

JPG, JPEG, PNG, GIF, XLS and XLSX files

 

Related courses

Boost your compliance efforts with our range of courses. Varying in length and topic, our courses equip you with the tools to create an ethical and resilient workplace.

Data Protection

Data protection relates to how all organisations collect, use, and store personal and sensitive data.

Read more

In-depth 45 Minutes Data Protection (GDPR) All staff

Data Protection

Data protection relates to how personal and sensitive data is collected, used and stored by all organisations.

Refresher 15 Minutes Data Protection (GDPR) All staff

Privacy and Electronic Communications Regulations (PECR)

PECR are new regulations that, along with the GDPR and Data Protection Act 2018 (in the UK), give consumers specific rights in respect of electronic communications.

Express 15 Minutes Data Protection (GDPR) All staff

Understanding the GDPR

Bring "Understanding the GDPR" online learning to life using animation characters and storylines.

Microlearning 5 Minutes Data Protection (GDPR) All staff

Personal Data Breaches

Bring "Personal Data Breaches" online training to life using animation characters and storylines.

Microlearning 5 Minutes Data Protection (GDPR) All staff

Data Protection Impact Assessments

Bring "Data Protection Impact Assessments" online training to life using animation characters and storylines.

Microlearning 5 Minutes Data Protection (GDPR) All staff

Controllers and Processors

The differences between data controllers and data processors are crucial to understanding data protection obligations.

Microlearning 5 Minutes Data Protection (GDPR) All staff

Special Category Data

In many workplaces, sensitive data, including special category data, is collected and requires extra care.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Principle 1

The first principle of the GDPR requires that personal data must be processed lawfully, fairly and transparently.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Principle 2

The second principle of the GDPR, purpose limitation, requires that personal data be collected for specified, explicit and legitimate purposes.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Principle 3

The third principle of the GDPR, data minimisation, requires that personal data collected must be adequate, relevant and limited to what is necessary.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Principle 4

The fourth principle of the GDPR, accuracy, requires that personal data must be correct, up to date and not misleading.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Principle 5

The fifth principle of the GDPR, storage limitation, requires that personal data be retained only for as long as necessary for its intended purpose.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Principle 6

The sixth principle of the GDPR, integrity and confidentiality, requires that personal data be protected against unauthorised access, loss or damage.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Principle 7

The seventh principle of the GDPR, accountability, requires organisations to take responsibility for compliance and demonstrate good governance in data protection.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR and Consent

Consent is one of the six lawful bases for processing personal data under the GDPR, requiring individuals to give clear, informed and voluntary agreement.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Lawful Bases for Processing

The General Data Protection Regulation (GDPR) requires organisations to have a lawful basis for processing personal data, chosen from six legal grounds.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Legitimate Interests

Legitimate interests is a flexible lawful basis for processing personal data, but it requires balancing business needs with individuals' rights.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR International Transfers

The international transfer of personal data is restricted to ensure individuals' privacy rights are protected when data is sent abroad.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Individual Rights

The General Data Protection Regulation (GDPR) grants individuals eight specific rights over their personal data, ensuring transparency and control.

Microlearning 5 Minutes Data Protection (GDPR) All staff

GDPR Subject Access Requests

Individuals have the right to access their personal data and organisations must respond to subject access requests (SARs) within legal timeframes.

Microlearning 5 Minutes Data Protection (GDPR) All staff

Legitimate Interest Assessments

When relying on legitimate interests as a legal basis for processing personal data, you are taking on additional responsibility for protecting people's rights and interests.

Express 10 Minutes Data Protection (GDPR) All staff

PCI Data Security Standard

PCI Data Security Standard (PCI-DSS) is the information security standard for organisations that process credit card payments.

In-depth 60 Minutes Data Protection (GDPR) All staff
Browse the complete Data Protection (GDPR) training package