Follow us on Twitter and LinkedIn to stay connected with NAA

Follow us on LinkedIn Follow us on Twitter

Stay in touch. Get all the latest NAA news and events straight to your email.

Please fill in the email box and click the sign up button


    This online GDPR course is designed to make your learning experience as easy as possible.

    The course provides you and your staff with key facts about the upcoming General Data Protection Regulation.

    More importantly, it also provides your company with a complete online audit trail as standard, so you know who has completed the training and passed the test.

    GDPR – Why you must be compliant

    On the 25th May 2018 the EU General Data Protection Regulation (GDPR) superseded the UK Data Protection Act 1998. It expands on individuals’ rights to control how their personal data is collected and processed, and places new obligations on data controllers and processors to be more accountable for data protection.

    GDPR applies to all EU organisations that collect, store or process the personal data of individuals residing within the EU as well as, organisations based outside the EU that offer goods or services to EU residents, monitor their behaviour or process their personal data.

    There are many changes brought about by the introduction of GDPR. The key changes are:

    • Consent – the request for consent must be given in an intelligible and easily accessible form.
    • Breach Notification – where a data breach is likely to result in a risk for the rights and freedoms of individuals, they must be notified along with the ICO, within 72 hours.
    • Right to Access – data subjects have the right to find out if their data is being processed, where it is processed and for what purpose.
    • Right to be Forgotten – data subjects have the right to request data held about them is erased or halt the processing of that data.
    • Data Portability – data subjects have the right to receive personal data concerning them and to transmit that data securely to another data controller.
    • Data Protection Officers – a data protection officer is mandatory for controllers and processors whose core activities consist of processing operations which require regular and systematic monitoring of data subjects on a large scale or of special categories of data or data relating to criminal convictions and offences.

    The consequences of not abiding by GDPR have increased from those associated with the Data Protection Act. They fall into two classifications:

    • Less severe breaches – Maximum fine is £10 million or 2% of a company’s annual revenue, whichever is greater.
    • More severe breaches – Maximum fine is €20 million or 4% of a company’s annual revenue, whichever is greater.

    Course Overview

    • What is data protection?
    • Who does GDPR apply to?
    • What does GDPR apply to?
    • Knowledge Check

    Course Principles

    • Principles of GDPR
    • Lawfulness
    • Accountability
    • Knowledge Check


    • Individuals Rights
    • Knowledge Check


    • GDPR Responsibilities
    • Breach Notification
    • Knowledge Check
    • Conclusion

    Cost :

    £25 + VAT per licence

    Register and pay

    European Regional Development Fund Northern Powerhouse
    Partners Department for Business Innovation and Skills Finance Birmingham