General Data Protection Regulation (GDPR)
Data protection relates to how all organisations collect, use, and store personal and sensitive data. That includes the government, companies, service providers and anyone who manages data.Data protection legislation, which includes the General Data Protection Regulation (GDPR), aims to help prevent data misuse and inflicts penalties on those in breach of the law.
Our Data Protection Online Training Course will help your employees understand what personal and sensitive data are, why they need protection, and how to comply with the GDPR.
- 30 Minutes
- All staff
- Global Compliance Library

Learning objectives
- Distinguish between non-personal, personal and special category ('sensitive') data
- Recognise how our Company complies with the General Data Protection Regulation (GDPR) and other data protection legislation
- Take appropriate action to safeguard personal and special category data
- Identify how and when to report breaches
What can you expect your employees to learn?
Introduction
What is Data Protection?
- You decide: The importance of data protection
- You decide: Breaches of data protection law
- Crossing the line: Breaches of data protection law
- Who is involved in data protection?
- Personal data
- Special category ('sensitive') data
- You decide: Types of data
Data protection legislation
- The GDPR
- Rights of the data subject
- Scenarios: Rights of the data subject
The data protection principles
Principle: Lawfulness, fairness & transparency
- Lawful bases
- Lawful basis: Consent
- Scenario: Getting consent
- Scenario: A customer withdraws consent
- Scenario: Passing on contact details
- Lawful basis: Legitimate interests
- Legitimate interest assessments
- You decide: LIAs
- Documenting & reviewing LIAs
- Data protection impact assessments
Principle: Data limitation
- Scenario: An offer for a new service
- Scenario: Contacting customers' connections
Principle: Data minimisation
- Scenario: Information from job applicants
- Scenario: Information from customers
Principle: Accuracy
- You decide: Keeping data accurate & updated
Principle: Storage limitation
- Scenario: Retaining job applicants' details
- Scenario: Keeping details of former customers
Principle: Security, integrity & confidentiality
- International transfers of personal data
- Scenario: Gina's data transfer
- You decide: Are additional safeguards required?
Data subject access requests
- Dealing with DSARs
- You decide: Is it a valid DSAR?
Personal data breaches
- Scenarios: Personal data breaches
- Notification of breaches
- Scenario: Stolen data
Accountability & governance
- Records of processing activities
Penalties
- Crossing the line: Further breaches of data protection law
Your responsibilities
Summary
Affirmation
Assessment
Hear from our learners
Excellent easy-to-use LMS which Skillcast have specifically tailored to our needs to also host a Global Policy Portal and global staff surveys, alongside providing live MI reporting.
Being able to personalise our own training has been a game-changer! Excellent training was provided on how to use the CMS and the support team have been so helpful, patient and quick to reply when I've got stuck.
We have been enjoying e-learning with Skillcast for 10 years now. Their customer service is always at the highest level, always very attentive, responsive, and polite. Highly recommend to any company who is looking for a high quality e-learning and customer service (they have both in high standards).
We started using Skillcast for our employee's compliance training a few months ago and the experience has been excellent. Skillcast was very efficient in the set up process they then helped support us with rolling out our staff training in a seamless way. The course content is highly detailed and professionally delivered. Overall, I would highly recommend Skillcast as your LMS training provider.
Excellent courses with a brilliant support team
We've been using Skillcast for approx. 1.5 years and have been very happy with the service received and the courses offered. The customer service from the support team is excellent, they always respond quickly and are very helpful. The courses offered cover a broad range and the FCA courses were particularly useful to our business.
Incredibly helpful support team, who work with you to provide tailored advice and practical assistance. You are supported every step of the way. Would highly recommend.
I cannot overstate how happy with are with Skillcast. They are prompt, attentive, patient and always so good humoured. The teams work seamlessly, and there is always someone to cover in the absence of a team member. I am always impressed and very happy to work with the team.
A great LMS with a dedicated and knowledgeable team behind it. The LMS has a number of features that are gradually shared and which keeps on being developed.
Every member of the team I have had dealings with have been quick, efficient and very accommodating. No task or query is to big for them, and always a quick and prompt response. Pleasure to work with
We use Skillcast for our corporate training and it's a good LMS platform with a great variety of courses available. The platform is user-friendly and easy to navigate, and courses are up to date with legislation.
Skillcast is easy to set up and use. You can design the colours of the platform to fit you company branding. Support team are very helpful and nothing is too much trouble.
Excellent systems, user-friendly and easy to use.
Skillcast is a great platform to use for Compliance e-learning. The staff found the courses informative and engaging. There is a wide range of compliance related topics on the essentials library. The LMS is easy to use, and provides reports to track staff progress, which is a helpful feature.
The range of course libraries are comprehensive and the ability to select from multiple modules was important to us. The Global Library provides courses in multiple languages. We were also impressed with the microlearning modules. The platform is a great option for us and for our business requirements. We can also trust in Skillcast to review and update the modules so that they remain relevant and incorporate the latest developments in regulation.
Excellent services provided by the Skillcast team and the Skillcast system is simple to use.
The service provided for our company is excellent. The platform provides essential training for our business. When liaising with Skillcast in preparation for training delivery their customer service is excellent and we would definitely recommend.
Skillcast has truly transformed our approach to compliance training and tracking at Imagination. Not only does it seamlessly manage our global company's compliance requirements, but it also enhances employee engagement through its user-friendly interface and interactive content. What sets Skillcast apart is not just the platform itself, but also their exceptional customer service team. They are responsive, knowledgeable, and dedicated to providing tailored solutions to our unique needs. It's been instrumental in streamlining our compliance processes and fostering a culture of proactive risk management, growth & development."
They listened to our needs and helped tailor the existing course to our organisation with ease, ensuring accessibility requirements were maintained and the training was engaging and presentable. All their help was been very appreciated and I couldn't have asked them to do any more for us. I would recommend Skillcast to anyone looking to bring in new training modules to their organisation.
Skillcast provide an A-star product with excellent customer service support.
Start your compliance e-learning journey with a free trial
Our no-obligation free trial gives you access to our libraries and compliance platform.
Ready to start your free trial? Complete the form, and a member of the Skillcast team will be in touch with further details.
Your questions, answered
Data Protection (GDPR)
Common FAQs
Where can I track incidents involving personal data?
How can I ensure that employees formally attest to our internal Data Protection Policy?
Are Skillcast courses SCORM-compliant?
What other tools are needed beyond training?
Is our training content still compliant with the latest legislation?
- You can check the latest course content updates in our library updates page: https://www.skillcast.com/compliance-course-library-updates
- For major legislative changes, we:
- Will send you email alerts to ensure you are notified
- Offer you a free trial of newly created or updated content
- Host webinars with compliance experts to explain the changes and how our training supports your ongoing compliance
Can you translate our content into other languages?
How can I give employees a secure way to record suspicious activity so we can act quickly?
Our Suspicious Activity Register allows staff to log concerns or irregularities they observe, helping you detect potential issues early. The secure register can be reviewed by compliance teams, enabling prompt investigation and action.
What file types are supported by the Skillcast system?
Features |
Supported file types and details |
File Exchange |
File types: PDF, Excel spreadsheets, Word documents, SCORM and xAPI files, and compressed zip files. Max file size: Default is 1GB, can be increased to a max of 2GB |
SCORM files |
Versions: SCORM 1.2, SCORM 1.2 for Moodle, SCORM 2004 2nd, 3rd and 4th Edition. Max file size: 1024MB |
xAPI file |
Max file size: 2GB |
Videos |
File types: MP4 or MOV. Videos must be optimised, with a max file size of 100MB. If the file is bigger, our Design Team can help |
Images |
File types: jpg, png and gif. The file size should ideally be 100KB, but it can be up to 250KB |
CPD evidence |
File types: Word, PDF, Excel and CSV. File size: the limit should be whatever the portal config option is set to. Servers are set to max 2GB |
Policy documents |
PDF or Word File size: the limit should be whatever the portal config option is set to. Servers are set to max 2GB |
Offline activities evidence |
File types: PDF, DOC, DOCX, XLS, XLSX, CSV, PNG, GIF, JPEG, JPG, PPTX and MSG. File size: the limit should be whatever the portal config option is set to. Servers are set to max 2GB |
Client logo files |
File types provided by client: EPS, PDF, AI and SVG |
Registers |
PDF, DOC, DOCX, XLS, XLSX, CSV, PPT, PPTX, POT, PPA, PPS, JPG, JPEG, PJEPG, PNG, BMP, GIF, MP4, MOV, WMV, CPTX, CP, TXT, ZIP and MSG files |
Declarations |
JPG, JPEG, PNG, GIF, XLS and XLSX files |
Related courses
Boost your compliance efforts with our range of courses. Varying in length and topic, our courses equip you with the tools to create an ethical and resilient workplace.
Data Protection
Data protection relates to how personal and sensitive data is collected, used and stored by all organisations.
Privacy and Electronic Communications Regulations (PECR)
PECR are new regulations that, along with the GDPR and Data Protection Act 2018 (in the UK), give consumers specific rights in respect of electronic communications.
Understanding the GDPR
Bring "Understanding the GDPR" online learning to life using animation characters and storylines.
Personal Data Breaches
Bring "Personal Data Breaches" online training to life using animation characters and storylines.
Data Protection Impact Assessments
Bring "Data Protection Impact Assessments" online training to life using animation characters and storylines.
Controllers and Processors
The differences between data controllers and data processors are crucial to understanding data protection obligations.
Special Category Data
In many workplaces, sensitive data, including special category data, is collected and requires extra care.
GDPR Principle 1
The first principle of the GDPR requires that personal data must be processed lawfully, fairly and transparently.
GDPR Principle 2
The second principle of the GDPR, purpose limitation, requires that personal data be collected for specified, explicit and legitimate purposes.
GDPR Principle 3
The third principle of the GDPR, data minimisation, requires that personal data collected must be adequate, relevant and limited to what is necessary.
GDPR Principle 4
The fourth principle of the GDPR, accuracy, requires that personal data must be correct, up to date and not misleading.
GDPR Principle 5
The fifth principle of the GDPR, storage limitation, requires that personal data be retained only for as long as necessary for its intended purpose.
GDPR Principle 6
The sixth principle of the GDPR, integrity and confidentiality, requires that personal data be protected against unauthorised access, loss or damage.
GDPR Principle 7
The seventh principle of the GDPR, accountability, requires organisations to take responsibility for compliance and demonstrate good governance in data protection.
GDPR and Consent
Consent is one of the six lawful bases for processing personal data under the GDPR, requiring individuals to give clear, informed and voluntary agreement.
GDPR Lawful Bases for Processing
The General Data Protection Regulation (GDPR) requires organisations to have a lawful basis for processing personal data, chosen from six legal grounds.
GDPR Legitimate Interests
Legitimate interests is a flexible lawful basis for processing personal data, but it requires balancing business needs with individuals' rights.
GDPR International Transfers
The international transfer of personal data is restricted to ensure individuals' privacy rights are protected when data is sent abroad.
GDPR Individual Rights
The General Data Protection Regulation (GDPR) grants individuals eight specific rights over their personal data, ensuring transparency and control.
GDPR Subject Access Requests
Individuals have the right to access their personal data and organisations must respond to subject access requests (SARs) within legal timeframes.
Legitimate Interest Assessments
When relying on legitimate interests as a legal basis for processing personal data, you are taking on additional responsibility for protecting people's rights and interests.
PCI Data Security Standard
PCI Data Security Standard (PCI-DSS) is the information security standard for organisations that process credit card payments.