Course information

Certified EU General Data Protection Regulation (EU GDPR) Foundation And Practitioner

Module 1: Introduction to the GDPR​

  • GDPR in a Nutshell​
  • Generate Customer Confidence​
  • Focus of GDPR​
  • What is Personal Information? ​
  • Who has PII? ​
  • Lawful Processing of Personal Data

Module 2: Binding Corporate Rules ​

  • Introduction
  • Scope​
  • UK ICO’s View of the Scope​
  • Processing GDPR Definition​
  • Who Processes PII? ​
  • What is Special Data? ​
  • Legal Framework​
  • Timeline​ and Derogations​
  • Some Key Areas for Derogation​
  • Data Breaches/Personal Data Breach​
  • Consequences of Failure​
  • Governance Framework​

Module 3: GDPR Terminology and Techniques ​

  • Key Roles​
  • Data Set​
  • Subject Access Request (SAR)​
  • Data Protection Impact Assessments (DPIA) ​
  • What Triggers a Data Protection Impact Assessment? ​
  • DPIA is Not Required
  • Processes to be Considered for a DPIA​
  • Responsibilities​
  • DPIA Decision Path​
  • DPIA Content​
  • How Do I Conduct a DPIA? ​
  • Signing Off the DPIA​
  • Mitigating Risks Identified by the DPIA​
  • Privacy by Design and Default​
  • External Transfers​
  • Profiling​
  • Pseudonymisation​
  • Principles, User Rights, and Obligations​
  • One Stop Shop​

Module 4: Structure of the Regulation​

  • Parts of the GDPR​
  • Format of the Articles​
  • Articles​

Module 5: Principles and Rights​

  • Introduction
  • Legality Principle​
  • How the Permissions Work Together​?
  • Lawfulness of Processing Conditions​
  • Lawfulness for Special Categories of Data
  • Criminal Offence Data​
  • Consent
  • Transparency Principle​
  • Fairness Principle​
  • Rights of Data Subjects​
  • Purpose Limitation Principle​
  • Minimisation Principle​
  • Accuracy Principle​
  • Storage Limitation Principle​
  • Integrity and Confidentiality Principle​
  • Accountability Principle​

Module 6: Demonstrating Compliance​

  • Demonstrating Compliance with the GDPR ​
  • Impact of Compliance Failure​
  • Administrative Fines​
  • What Influences the Size of an Administrative Fine?
  • Joint Controllers​
  • Processor Liability Under GDPR​
  • Demonstrating Compliance
  • Protecting PII is Only Half the Job
  • What must be Recorded? ​
  • Additional Ways of Demonstrating Compliance​
  • Demonstrating a Robust Process​
  • PIMS (Personal Information Management System) ​
  • Cyber Essentials​
  • ISO 27017 Code of Practice for Information Security Controls​
  • Risk Management​

Module 7: Incident Response and Data Breaches​

  • What is a Personal Data Breach? ​
  • Notification Obligations​
  • What Breaches Do I Need to Notify the Relevant Supervisory Authority About? ​
  • What Information Must Be Provided to the SA? ​
  • How do I Report a Breach to the SA? ​
  • Notifying Data Subjects​
  • What Should I do to Prepare for Breach Reporting? ​
  • Updating Policies and Procedures​
  • Breach Reporting and Responses ​
  • Ways to Minimise the Breach Impact​

Module 8: Understanding the Principle Roles

  • What does the GDPR Makes Businesses Responsible For?
  • Difference Between a Data Controller and a Data Processor
  • How the Roles Split?
  • Controllers and Processors
  • Main Obligations of Data Controllers
  • Demonstrate Compliance
  • Joint Controllers and EU Representative
  • Controller-Processor Contract
  • Maintain Records and Keeping Records for Small Businesses
  • Cooperation with Supervisory Authorities
  • Keeping PII Secure
  • Data Breach Transparency
  • Role of the Data Processor
  • Controller-Processor Contract
  • Main Obligations of the Processor
  • Perform Only the Data Processing Defined by the Data Controller
  • Update the Data Controller
  • Sub-Process or Appointment
  • Keep PII Confidential
  • Maintaining Records
  • Cooperate with Supervisory Authorities
  • Security
  • Appoint a DPO – If Necessary
  • Transferring Data Outside the EU

Module 9: Role of the DPO

  • Role of a Data Protection Officer
  • Involvement of the DPO
  • Main Responsibilities of the DPO
  • Working Environment for the DPO
  • Must We Have A DPO?
  • Public Body
  • What does Large Scale mean?
  • Systematic Monitoring
  • Who Can Perform the Role of DPO?
  • Skills Required
  • Monitoring Compliance
  • Training and Awareness
  • Data Protection Impact Assessments (DPIAs)
  • Risk-Based Approach
  • Business Support for the DPO
  • DPO Independence
  • DPO – Conflict of Interest

Module 10: UK Implementation

  • Key Differences Between the Data Protection Act and the GDPR
  • Highlights from the Data Protection Bill
  • Definition of Controller
  • Health, Social Work, Education, and Child Abuse
  • Age of Consent
  • Exemptions for Freedom of Expression
  • Research and Statistics
  • Archiving in the Public Interest

Module 11: Key Features

  • Specific Permission
  • Privacy by Design
  • Data Portability
  • Right to be Forgotten
  • Definitive Consent
  • Information in Clear Readable Language
  • Limits on the Use of Profiling
  • Everyone Follows the Same Law
  • Adopting Techniques

Module 12:  Subject Access Requests and How to Deal with them?

  • Subject Access Requests (SAR)
  • Dealing with SAR
  • Recognise the Request
  • Understand the Time Limitations
  • Dealing with Fees and Excessive Requests
  • Identify, Search, and Gather the Requested Data
  • Learn about What Information to Withhold
  • Developing and Sending a Response

Module 13: Data Subject Rights

  • Must I Always Obey a Right?
  • Rights and Third Parties
  • Requests Made on Behalf of Other Data Subjects
  • Guidelines for Children's Maturity
  • Responding to a Rights Request
  • What is a Month?
  • Rights Request Flow Chart
  • Right to be Informed
    • When Should Information Be Provided?
    • Best Practice Guidance
  • Right of Access
  • Right to Rectification
  • Right to Erasure
    • When can I Refuse to Comply with a Request for Erasure?
    • Erasing Children's Data
  • Right to Restrict Processing
    • When Processing Should be Restricted?
    • Protecting PII
    • Other Issues about Restricting Processing
  • Right to Data Portability
  • Right to Object
    • Complying with the Right to Object
    • Rejecting the Right to Object
    • Processing for Direct Marketing Purposes
    • Processing for Research Purposes
  • Rights Related to Automated Decision Making and Profiling
    • When does the Right not apply?

Module 14: Subject Access Requests

  • Provenance
  • Overview: SARs
  • SAR is an Activity, Not a Title
  • How can a SAR be Submitted?
  • What Information Should the Response to a SAR Contain?
  • Additional Information
  • Replying to a SAR
  • Confirming a Data Subject’s Identity
  • Scope
  • Electronic Records
  • Non-Electronic Records
  • SARs Involving 3rd Party PII
  • Fees
  • Refusing a Subject Access Request
  • Access Requests from Employees
  • Credit Reference Agencies
  • Best Practice for SARs

Module 15: Lawful Processing

  • Lawful Processing: A Reminder
  • User Rights Change Depending on the Justification
  • Lawfulness of Processing Conditions
  • Lawfulness for Special Categories of Data
  • UK ICO Tool
  • Consent
  • Key Points About Consent
  • Affirmative Action and Explicit Consent
  • Introduction of Affirmative Action
  • What is Not Affirmative Action?
  • Examples of Affirmative Action from the ICO
  • Introduction of Explicit Consent
  • Explicit Statement
  • Obtaining Explicit Consent
  • ICOs View of a Poor Form of Explicit Consent
  • Obtaining Consent for Scientific Research Purposes
  • Getting Consent
  • What Should Go into the Consent Request?
  • Consent Granularity
  • Right to Withdraw Consent
  • Children
  • Consent Records
  • ICOs Examples of Record Keeping
  • Key Points When Establishing Consent
  • Legitimate Interests
  • Getting the Balance Right
  • Consent or Legitimate Interest?
  • What Lawful Basis Can be Used for Processing Marketing PII?

Module 16: Third Country Data

  • Cross Border Transfers
  • Transfer Mechanisms
  • Derogations
  • Adequacy
  • Adequate Ways to Safeguard Transfers of PII
  • Consent
  • One-Off or Infrequent Transfers
  • Who is Responsible?
  • Transferring PII Between EEA Members
  • Adequate Countries Outside of the EEA
  • Binding Corporate Rules (BCR)
  • What a BCR Must Cover?
  • Authorisation for BCRs
  • EU-US Privacy Shield
  • Privacy Shield Overview
  • Privacy Shield: Mechanics
  • Model Clauses
  • Public Authority Agreements

Module 17: Introduction to Protecting Personal Data

  • Need to Secure
  • What is Appropriate?
  • Protecting PII – 3 Key Areas
  • Coverage
  • Defensive Design
  • Single Point of Failure (SPOF)
  • Incident Response
  • Data Breach Reporting Requirements
  • Incident Response Team

Module 18: Data Protection Impact Assessments (DPIA)

  • Introduction
  • What Triggers a Data Protection Impact Assessment?
  • Cases Where DPIA is Not Required
  • Benefits of DPIA
  • Processes to be Considered for a DPIA
  • Responsibilities
  • DPIA Decision Path
  • DPIA Content
  • How Do I Conduct A DPIA?
  • Signing Off the DPIA
  • Mitigating Risks Identified by the DPIA

Module 19: Need Want Drop

  • Overview
  • Need-Want-Drop: Concept Diagram
  • Need-Want-Drop: Categorising Data
  • Need/Want/Drop Methodology

Module 20: Dealing with Third Parties and Data in the Cloud

  • What is Cloud Computing?
  • Myths of Cloud
  • Cloud Challenges
  • Controller-Processor Contract
  • Checklist
  • Data Controller - Summary

Module 21: Practical Implications: GDPR

  • Brexit and its Impact on the GDPR
  • Adequacy
  • What does this Mean in Practice?
  • EU and UK Representatives
  • Exemption Rule
  • One-Stop Shop

Module 22: Legal Requirements of the GDPR

  • Lawful, Fair, and Transparent Processing
  • Limitation of Purpose, Data and Storage
  • Data Subject Rights
  • Consent
  • Personal Data Breaches
  • Privacy by Design
  • Data Protection Impact Assessment
  • Data Transfers
  • Data Protection Officer
  • Awareness and Training

Module 23: Privacy Principles in GDPR

  • Lawfulness, Fairness, and Transparency
  • Purpose Limitation
  • Data Minimisation
  • Accuracy
  • Storage Limitation
  • Integrity and Confidentiality

Module 24: Common Data Security Failures, Consequences, and Lessons to be Learnt

  • Common Data Security Failures
  • Consequences
    • Fines Relating to Data Breaches
    • Litigation from Customers Relating to Data Breaches
    • Directors, Officers, and Professional Advisors
    • Reputational Damage
  • Lesson Learned
    • Knowing When and How to Communicate with Affected Individuals is Not Easy
    • GDPR is Important, as are Other Legal Frameworks

Show moredowndown

Who should attend this Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Course?

The Certified EU GDPR Foundation and Practitioner Course aims to educate professionals about the details of the GDPR and how to implement and comply with its provisions. This GDPR Training Course can be beneficial for the professionals, including:

  • Data Protection Officers
  • Data Privacy Lawyers
  • IT Security Professionals
  • Compliance Officers
  • Privacy Professionals
  • Legal Professionals
  • Risk and Compliance Managers
  • IT Consultants

Prerequisites of the Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Course

There are no formal prerequisites required for the Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Course.

Certified EU General Data Protection Regulation Foundation and Practitioner Course Overview

The General Data Protection Regulation (GDPR) is a comprehensive data privacy and protection framework enacted by the European Union (EU) to safeguard the personal data of its citizens. The regulation grants individuals' greater control over their data, ensuring transparency, consent, and the right to access, rectify, or erase their personal information, ultimately aiming to harmonise data protection laws across the EU and fortify individuals' rights in the digital age.

The Knowledge Academy's General Data Protection Regulation (GDPR) Course is a comprehensive and in-depth structure designed to equip professionals with the knowledge and skills required to navigate the complex landscape of data protection and privacy regulations. Safeguarding sensitive data is paramount, and this GDPR Training Course provides a deep dive into GDPR, the European Union's landmark legislation.

This 4-day GDPR Training Course provides a detailed introduction to the EU GDPR, and a full overview regarding how to plan and implement a continuous compliance approach. It enables delegates to fulfil the knowledge requirements of a Data Protection Officer (DPO) – a position that is now a legal requirement in EU Organisations with a central data storage and processing function. The Knowledge Academy's GDPR Training Course consists of the EU GDPR Foundation (two days) and GDPR Practitioner (two days) training courses.

Course Objectives

  • To understand the fundamentals of GDPR legislation
  • To comprehend the rights and responsibilities of data controllers and processors
  • To learn how to conduct data protection impact assessments (DPIAs)
  • To develop expertise in data subject consent and management
  • To gain insights into GDPR compliance and risk assessment
  • To master cross-border data transfer regulations
  • To learn best practices for data breach management and reporting
  • To acquire practical skills for implementing GDPR compliance within your organisation

After successfully finishing The Knowledge Academy's GDPR Training Course delegates will possess a comprehensive understanding of GDPR regulations and adherence. They will acquire the abilities necessary to evaluate, execute, and sustain GDPR conformity within their respective companies, guaranteeing the fulfilment of data protection and privacy criteria.

Show moredowndown

What’s included in this Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Course?

  • Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Examination
  • World-Class Training Sessions from Experienced Instructors
  • Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Certificates
  • Digital Delegate Pack

EU GDPR Foundation Exam Information

To achieve the Certified EU General Data Protection Regulation (EU GDPR) Foundation, candidates will need to sit for an examination. The exam format is as follows: 

  • Question Type: Multiple Choice 
  • Total Questions: 45 
  • Total Marks: 45 Marks 
  • Pass Mark: 65%, or 29/45 Marks 
  • Duration: 60 Minutes 
  • Open Book/ Closed Book: Closed Book

Why choose us

Our Pretoria venue

Includes..

Free Wi-Fi

To make sure you’re always connected we offer completely free and easy to access wi-fi.

Air conditioned

To keep you comfortable during your course we offer a fully air conditioned environment.

Full IT support

IT support is on hand to sort out any unforseen issues that may arise.

Video equipment

This location has full video conferencing equipment.

Pretoria is one of the three capital cities within South Africa, it has a population of around 740,000 inhabitants. The city is northeast of the city of Johannesburg in the northeast region of South Africa. Pretoria’s main spoken language is Afrikaans as well as Pedi, Tswana, Zulu and English. The city has a large white community with white designated areas.The city of Pretoria has an unemployment rate of around 25.8%.Pretoria has the largest residential universities within South Africa, Tshwane University of Technology offers various diplomas and degrees in vocational courses. The university has around 60,000 enrolled students. Tshwane has two faculties, Science and Arts. 

Show moredown

Address

Protea Hotel Hatfield

1141 Burnett Street

Pretoria

South Africa 

0083

T: +27 800 780004

Ways to take this course

Experience live, interactive learning from home with The Knowledge Academy's Online Instructor-led GDPR Training | EU GDPR Foundation And Practitioner in Pretoria. Engage directly with expert instructors, mirroring the classroom schedule for a comprehensive learning journey. Enjoy the convenience of virtual learning without compromising on the quality of interaction.

Unlock your potential with The Knowledge Academy's GDPR Training | EU GDPR Foundation And Practitioner in Pretoria, accessible anytime, anywhere on any device. Enjoy 90 days of online course access, extendable upon request, and benefit from the support of our expert trainers. Elevate your skills at your own pace with our Online Self-paced sessions.

Experience the most sought-after learning style with The Knowledge Academy's GDPR Training | EU GDPR Foundation And Practitioner in Pretoria. Available in 490+ locations across 190+ countries, our hand-picked Classroom venues offer an invaluable human touch. Immerse yourself in a comprehensive, interactive experience with our expert-led GDPR Training | EU GDPR Foundation And Practitioner in Pretoria sessions.

best_trainers

Highly experienced trainers

Boost your skills with our expert trainers, boasting 10+ years of real-world experience, ensuring an engaging and informative training experience

venues

State of the art training venues

We only use the highest standard of learning facilities to make sure your experience is as comfortable and distraction-free as possible

small_classes

Small class sizes

Our Classroom courses with limited class sizes foster discussions and provide a personalised, interactive learning environment

value_for_money

Great value for money

Achieve certification without breaking the bank. Find a lower price elsewhere? We'll match it to guarantee you the best value

Streamline large-scale training requirements with The Knowledge Academy's In-house/Onsite at your business premises. Experience expert-led classroom learning from the comfort of your workplace and engage professional development.

tailored_learning_experience

Tailored learning experience

Leverage benefits offered from a certification that fits your unique business or project needs

budget

Maximise your training budget

Cut unnecessary costs and focus your entire budget on what really matters, the training.

team_building

Team building opportunity

Our offers a unique chance for your team to bond and engage in discussions, enriching the learning experience beyond traditional classroom settings

monitor_progress

Monitor employees progress

The course know-how will help you track and evaluate your employees' progression and performance with relative ease

What our customers are saying

GDPR Training | EU GDPR Foundation And Practitioner in Pretoria FAQs

The General Data Protection Regulation is all about protecting your data from misuse. This rule is basically your digital bodyguard against data misuse. By enforcing this compliance, the European Union ensures companies treat your personal information with respect.
GDPR certification makes your resume much more desirable to recruiters, indicating your seriousness about protecting data. This GDPR Foundation and Practitioner Certification becomes a source of knowledge and opens many doors to keeping data safe in this specialised industry.
While for the initial exam of GDPR Foundation, there are no formal prerequisites, same is not true for the practitioner exam. The Practitioner Course demand that the delegates have cleared the foundation exam before taking more advanced exams.
Going through the GDPR Training sets you up to excel in the field of data privacy. It's all about keeping data safe and building trust, making you the person companies need in our oversharing world.
What are the levels of difficulty for these GDPR Foundation and Practitioner Course? The Foundation Course is your entry-level stress-free intro to GDPR basics. The Practitioner level increases the challenge, diving deeper into applying those principles in real-world scenarios. Collectively the course is a step-up in difficulty with a manageable learning curve.
This GDPR Data Protection Training is like a full toolkit for readiness in data protection. It covers everything from the legal basics to how to practically apply these rules in your daily work. It's a mix of theory, practical exercises, and real-life case studies.
This course is a good choice for anyone looking to get savvy with data protection. It's great for you if you're aiming to be the next Data Protection Officer or just want to make sure you're handling data correctly in your role. It's essential learning for the privacy-conscious professional.
This GDPR Foundation and Practitioner Course spans over a duration of 4 days.
Yes, the Digital Delegate Training Pack consist in hands-on exercises, case studies, or real-world scenarios. This makes sure the delegates find the confidence in applying what they have learned in theory, in real world application.
Delegates are recommended to contact The Knowledge Academy support team if they feel blocked in any sense while trying to access the course materials. They can help you get back on track with accessing your course content, allowing for a smooth learning journey.
Absolutely, corporate training is an option for organisations looking to train their employees. It's a great way to get your entire team up to speed on GDPR, as it is tailored to fit the needs of your organisation.
The GDPR exam typically consists of multiple-choice questions, covering topics such as data protection principles, rights of data subjects, and obligations for data controllers and processors. It may also include scenario-based questions to assess practical application of GDPR principles.
This course can power-up for your career, giving you the knowledge and credibility to handle data with confidence. It opens doors to roles that require GDPR knowledge, marking you as a professional in data protection circles.
The GDPR exam typically consists of multiple-choice questions, covering topics such as data protection principles, rights of data subjects, and obligations for data controllers and processors. It may also include scenario-based questions to assess practical application of GDPR principles.
The GDPR Course Structure includes an overview of GDPR principles, data protection rights, compliance requirements, data breach management, roles and responsibilities of data controllers and processors, and practical case studies to understand implementation and best practices in data protection.
Upon successful completion of the GDPR Foundation and Practitioner Training Course, delegates will be awarded a certification. This certification serves as formal recognition of the delegate’s understanding and capability in GDPR compliance.
Absolutely, we've got a self-paced online version of the GDPR Foundation and Practitioner Course. This is perfect for the delegates who wish to learn on their own terms, letting them go through the material whenever it fits their schedule and convenience.
The GDPR Foundation and Practitioner Course provides comprehensive training on the General Data Protection Regulation. You'll get to the core principles, understand your data protection duties, and figure out how to apply all this knowledge in different organisational settings.
The training fees for Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner certification in Pretoria starts from R11495
The Knowledge Academy is the Leading global training provider for Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner.
Please see our GDPR Training courses available in Pretoria
Show more down

Why choose us

icon

Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.

icon

Many delivery methods

Flexible delivery methods are available depending on your learning style.

icon

High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo
backBack to course information

Advanced Data Protection Bundle

Save upto 40%
4 courses

Total without package:  R214980

Package price:  R128995 (Save R85985)

Purchase now

Data Protection and Compliance Package

Save upto 40%
3 courses

Total without package:  R109885

Package price:  R65895 (Save R43990)

Purchase now
cross

OUR BIGGEST SPRING SALE!

Special Discounts

*WHO WILL BE FUNDING THE COURSE?

close

close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

close

close

Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.