Every organisation that collects or handles personal information must comply with data protection law. This half-day course provides a clear, practical overview of the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018, helping you understand your legal duties and how to meet them.

Delivered by an experienced trainer, the session covers what personal data is, the lawful bases for processing it, and the rights of individuals. You’ll also explore accountability, transparency, and how to avoid the most common compliance pitfalls. Designed for anyone responsible for handling, managing, or storing personal data, whether in a small organisation, charity, or larger business, this course builds the confidence and knowledge needed to manage data securely and responsibly.

Key Learning

• Understand key data protection terminology and concepts
• Recognise the principles of UK GDPR and their application
• Identify the roles of data controller and data processor
• Conduct basic Data Protection Impact Assessments (DPIAs)
• Understand how to respond to data breaches and subject access requests
• Apply accountability and compliance best practice

Data protection is a legal requirement for all organisations that handle personal information. The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 set out clear expectations for how personal data must be collected, used, and stored — and the consequences for getting it wrong can be serious.

This half-day course provides a structured, accessible introduction to data protection and privacy compliance in the UK. It helps participants understand the legal landscape and practical steps needed to keep data safe and build trust with customers, service users, and employees.

Through interactive discussion and real-world examples, delegates explore key definitions such as personal data, special category data, data subjects, controllers, and processors. The course examines the seven core principles of GDPR: lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, and integrity and confidentiality, and how they apply in everyday situations.

Participants will also look at Data Protection Impact Assessments (DPIAs) and data breach management, understanding when and how to report incidents to the Information Commissioner’s Office (ICO). Guidance aligns with the ICO’s current best practice and includes references to the Accountability Framework, helping organisations evidence compliance.

The session highlights the financial and reputational risks of non-compliance, illustrated through recent UK enforcement cases, and provides actionable steps for creating a compliant culture within any team. By the end of the session, participants will have practical tools to support lawful data handling, policy development, and informed decision-making across their organisation.

Open course per person         £97
In-house for up to 6 people   £343
In-house for up to 12 people £365