Data Protection and the GDPR (Level 2)

ex. vat
  • Certified by CPD
  • Audio voiceover
  • Approximate duration 2-3 hours
  • Downloadable certificate on completion

This Level 2 Data Protection and the GDPR online training course is a comprehensive, step-by-step explanation of the purpose of the GDPR, the duties and obligations it places upon organisations and individuals that handle personal information, and the steps that need to be taken to comply with the GDPR.

The Level 2 Data Protection and the GDPR online training course incorporates guidance provided by the Information Commissioner’s Office (ICO) and the EU’s Article 29 Working Party, and identifies the key differences between the requirements of the GDPR and the Data Protection Act 1998 (DPA) that it replaces.

This Level 2 Data Protection and the GDPR online training course has been certified by The Continuing Professional Development Certification Service (CPD).

CPD Logo
Other Courses

Who is it for?

The Level 2 Data Protection and the GDPR online training course is suitable for all individuals who may handle personal data or have access to it.

GDPR Level 2 Certificate Example

When do I get my certificate?

When you have successfully passed the course you will be able to download and print your certificate straight away.

As this Level 2 Data Protection and the GDPR online training course has been accredited by the CPD Certification Service, your certificate will contain the CPD logo and can be used to provide evidence for compliance.


Example Screens

(Click on the example screens below to view)

Data Protection and the GDPR (Level 2) Online Training Screenshot 1Data Protection and the GDPR (Level 2) Online Training Screenshot 2Data Protection and the GDPR (Level 2) Online Training Screenshot 3
What does the course cover?

The course contains the following 10 topics and includes an assessment:

Background to the GDPR

  • How data protection regulations have evolved.
  • From when the GDPR applies.
  • The impact of new technologies on data use and storage.
  • The organisation that is responsible for policing data protection.
  • What is meant by the terms ‘data’ and ‘personal data’.
  • Why it is necessary to protect personal data.

Transfers of personal data

  • Why the GDPR applies globally.
  • The aim of the restrictions on the transfer of data.
  • Examples of safeguards required before data can be transferred abroad.

Personal data covered by the GDPR

  • The categories of personal data covered by the GDPR.
  • The difference between personal data and sensitive personal data.
  • When IP addresses, usernames and other online identifiers qualify as ‘personal data’ under the GDPR.

How personal data is protected by the GDPR

  • How the GDPR seeks to prevent personal data from falling into the wrong hands.
  • Who is responsible for enforcing the GDPR.
  • What the ICO is.
  • The information that must be provided when registering with the ICO.
  • What is meant by the terms Data Controller, Data Processor and Data Subject.
  • The purpose of the 7 data protection principles.

The 7 data protection principles

  • The purpose of the data protection principles.
  • The 7 data protection principles.
  • Examples where one or more of the principles apply.

The 8 rights of data subjects

  • What data subject rights are.
  • The 8 data subject rights.
  • Examples where a data subject might exercise his/her rights.
  • What can happen if a data subject’s rights are ignored.

Accountability and compliance

  • The measures that can be put in place to demonstrate compliance with the GDPR.
  • Privacy by default and privacy by design.
  • The purpose and benefit of carrying out a DPIA.
  • When a DPIA is mandatory.
  • The role of a Data Protection Officer and when one must be appointed.
  • The basic requirements that must form part of a contract between Data Controllers and Processors.

Data breaches and the GDPR

  • What is meant by a breach of personal data.
  • When a breach needs to be reported.
  • Who the breach must be reported to and when it must take place.

Exemptions and partial exemptions

  • What is meant by a derogation from the GDPR.
  • The categories of data that are exempt or partially exempt under the GDPR.
  • The probable exemptions and partial exemptions.


The assessment is generated from question banks so that the questions change each time a candidate takes the assessment – making the training suitable for initial and refresher training.

There is no limit on the number of attempts at the assessment and informative feedback is given so candidates can learn from their incorrect responses.

ex. vat
Discounts Available For Bulk Purchases
No. of licences
per course
% saving
1 - 9 -
10 - 19 10%
20 - 49 20%
50 - 99 25%
100 - 149 30%
150 - 999 35%
For 200+ licences, please email us at or call us on 0333 577 5016.
Single sign-on (SSO)

Our LMS can be configured to authenticate with your systems, so your users don’t need to remember additional passwords or usernames.

Competence Assurance

Our integrated software environment helps you to plan, develop and monitor enterprise capability and compliance, to minimise the risk of incidents and non-compliance.

Bespoke Online Training

We believe that a desire to acquire new knowledge and skills is the most powerful motivator for most individuals - not gimmicks or tricks.

Call us on 0333 577 5016 for more information or complete the contact form and we'll call you back.