General Data Protection Regulation (GDPR)
Data protection relates to how all organisations collect, use, and store personal and sensitive data. That includes the government, companies, service providers and anyone who manages data.Data protection legislation, which includes the General Data Protection Regulation (GDPR), aims to help prevent data misuse and inflicts penalties on those in breach of the law.
Our Data Protection Online Training Course will help your employees understand what personal and sensitive data are, why they need protection, and how to comply with the GDPR.
- 30 Minutes
- All staff
- Based on UK legislation, but suitable for global audiences upon the removal of UK-specific references and translation as necessary.

Learning objectives
- Distinguish between non-personal, personal and special category ('sensitive') data
- Recognise how our Company complies with the General Data Protection Regulation (GDPR) and other data protection legislation
- Take appropriate action to safeguard personal and special category data
- Identify how and when to report breaches
What can you expect your employees to learn?
Introduction
What is Data Protection?
- You decide: The importance of data protection
- You decide: Breaches of data protection law
- Crossing the line: Breaches of data protection law
- Who is involved in data protection?
- Personal data
- Special category ('sensitive') data
- You decide: Types of data
Data protection legislation
- The GDPR
- Rights of the data subject
- Scenarios: Rights of the data subject
The data protection principles
Principle: Lawfulness, fairness & transparency
- Lawful bases
- Lawful basis: Consent
- Scenario: Getting consent
- Scenario: A customer withdraws consent
- Scenario: Passing on contact details
- Lawful basis: Legitimate interests
- Legitimate interest assessments
- You decide: LIAs
- Documenting & reviewing LIAs
- Data protection impact assessments
Principle: Data limitation
- Scenario: An offer for a new service
- Scenario: Contacting customers' connections
Principle: Data minimisation
- Scenario: Information from job applicants
- Scenario: Information from customers
Principle: Accuracy
- You decide: Keeping data accurate & updated
Principle: Storage limitation
- Scenario: Retaining job applicants' details
- Scenario: Keeping details of former customers
Principle: Security, integrity & confidentiality
- International transfers of personal data
- Scenario: Gina's data transfer
- You decide: Are additional safeguards required?
Data subject access requests
- Dealing with DSARs
- You decide: Is it a valid DSAR?
Personal data breaches
- Scenarios: Personal data breaches
- Notification of breaches
- Scenario: Stolen data
Accountability & governance
- Records of processing activities
Penalties
- Crossing the line: Further breaches of data protection law
Your responsibilities
Summary
Affirmation
Assessment
Start your compliance e-learning journey with a free trial
Our no-obligation free trial gives you access to our libraries and compliance platform.
Ready to start your free trial? Complete the form, and a member of the Skillcast team will be in touch with further details.
Your questions, answered
Data Protection (GDPR)
Common FAQs
Where can I track incidents involving personal data?
How can I ensure that employees formally attest to our internal Data Protection Policy?
How can I ensure employees formally attest to our internal Data Protection Policy?
Are the courses SCORM-compliant?
What other tools are needed beyond training?
Can users only view the courses assigned to them?
Related courses
Boost your compliance efforts with our range of courses. Varying in length and topic, our courses equip you with the tools to create an ethical and resilient workplace.
Data Protection
Data protection relates to how personal and sensitive data is collected, used and stored by all organisations.
Privacy and Electronic Communications Regulations (PECR)
PECR are new regulations that, along with the GDPR and Data Protection Act 2018 (in the UK), give consumers specific rights in respect of electronic communications.
Understanding the GDPR
Bring "Understanding the GDPR" online learning to life using animation characters and storylines.
Personal Data Breaches
Bring "Personal Data Breaches" online training to life using animation characters and storylines.
Data Protection Impact Assessments
Bring "Data Protection Impact Assessments" online training to life using animation characters and storylines.
Controllers and Processors
Special Category Data
GDPR Principle 1
GDPR Principle 2
GDPR Principle 3
GDPR Principle 4
GDPR Principle 5
GDPR Principle 6
GDPR Principle 7
GDPR and Consent
GDPR Lawful Bases for Processing
GDPR Legitimate Interests
GDPR International Transfers
GDPR Individual Rights
GDPR Subject Access Requests
Legitimate Interest Assessments
When relying on legitimate interests as a legal basis for processing personal data, you are taking on additional responsibility for protecting people's rights and interests.