Data Protection Foundation course

3 days, 4.5 hours a day | 2 days, all day

Comprehensive and practical introduction in Data Protection and Privacy, and how to apply them.

Data Protection Foundation (DPF) offers a comprehensive course for individuals that need to understand their rights and responsibilities under privacy laws & regulations and the GDPR in specific. It offers you an overview of the obligations of your organization and of the rights of those from whom you’re collecting personal data. You will gain a thorough understanding of the EU’s General Data Protection Regulation (GDPR), interpreting its terminology and provisions supported with practical examples and scenarios. At the end of the course, you will have a clear picture of rights and obligations under the GDPR and you will be able to translate the law to your daily life and work. This is an entry level training. If you’re looking for an advanced training to manage, lead and implement privacy and data protection in your organization, have a look at our DPO training, the Data Protection Practitioner.

Authors & Lead Trainers

Bart Baars
Author & Trainer

Privacy consultant
Privacy Officer

Anouk Dekoninck

Data Protection Program
Manager at PwC

At a Glance

Entry level

Data Protection Foundation

3 days, 4.5 hours a day

Anyone who collects, edits or manages personal data. Entry level data protection or privacy professionals.

Understand the GDPR, your rights and obligations through real-world examples and fictive scenarios that will enable you to apply them in your daily work.

Historical and legal context of European privacy and data protection legislation and the GDPR, essential terms and concepts employed.

GDPR’s material and territorial scope:  Information and activities that the GDPR applies to, and in what situations the GDPR applies within and outside the EU/EEA.

Main provisions and their consequences for individuals and businesses: GDPR’s seven key processing principles, restrictions on the processing of personal data and the obligations of controllers and processors.

How compliance with the GDPR can be demonstrated to the supervisory authority and the consequences of non-compliance. Where to find additional information about specific provisions.

What’s included

  • Official SECO-Institute course materials
  • Training from passionate instructors with exceptional skills
  • Access to the SECO member portal
  • Practice exam
  • Exam voucher
  • Membership to SECO’s Alumni Network after passing the exam


Day 1 – The House of Data Protection


• History of the right to privacy and the right to data protection
• Legal instruments of the Council of Europe and the European Union (Treaty, directive, regulation…)
• Most important changes under the GDPR
• EU data protection laws in specific sectors


• The Foundation of your House: Terms and Scope
• Pillar 1: Processing Principles
• Pillar 2: Restrictions
• Pillar 3: Obligations
• Pillar 4: Communication
• The Roof of your House: Accountability

Day 2 – The House of Data Protection (continued), a Best Practice Framework, Exam preparation

Module 3 offers a brief overview of the structure of BS 10012, a best practice framework for a personal information management system that is aligned with the principles of the GDPR.


• Bringing it all together
• Key takeaways and next steps
• Exam preparation

Collect your badge of honor


  • Language: English
  • Delivered: Online via a certified proctor
  • Questions: 40 multiple choice
  • Time: 60 minutes
  • Pass rate: 60%

Join our Alumni Network

Dates & locations

This program is conducted by our training partner, Security Academy Online.

Find a Local Training Partner

Organize a class dedicated for your team