Hands-on General Data Protection Regulation Course


  • Duration

    2 days

  • Course Fee


  • Ideal For
    • All employees who need an understanding of data protection and European legal requirements as defined in the GDPR
    • Data Protection Officer
    • Privacy Officer
    • Legal Officer / Compliance Officer
    • Security Officer
    • Business Continuity Manager

Upcoming Training Dates


EXIN Privacy and Data Protection Foundation (PDPF) is a certification that validates a professional’s knowledge about organising the protection of personal data, the EU rules and regulations regarding data protection.

Wherever personal data is collected, stored, used, and finally deleted or destroyed, privacy concerns rise. The EU General Data Protection Regulation (GDPR) affects every organisation that processes EU personal data. PDPF covers the main subjects related to protecting personal data.

The certificate EXIN PDPF is part of the EXIN qualification programme Privacy and Data Protection.



After completing this course the participant will:

  • Be familiar with European legislation, regulations and directives
  • Be familiar with privacy issues that may arise in their own organisation
  • Know how to help solve privacy issues


Privacy Fundamentals & Regulation

  • Definitions of privacy
  • Personal data
  • Legitimate grounds & purpose limitation
  • Further requirements for legitimate processing of personal data
  • Rights of data subjects
  • Data breach & related procedures

Organising data protection

  • Importance of data protection for the organisation
  • Data protection authorities
  • Personal data transfer to third countries
  • Binding corporate rules & Privacy in contracts

Practice of data protection

  • Privacy by design & privacy by default related to information security
  • Privacy impact assessment (PIA) & privacy audit
  • Practice related applications of the use of data, marketing & social media


  • Lecture style
  • Video clips
  • Discussions with consultants
  • Role play / presentations


  • Kevin Shepherdson, CIPM, CIPP/A, CIPT, FIP, Exin (GDPR, Infosec), GRCP
  • Celine Chew, CIPM, CIPP/A, CIPT, FIP, Exin (GDPR, Infosec), GRCP
  • William Hioe, CIPM, CIPP/A, CIPT, FIP, Exin (GDPR, Infosec), GRCP
  • Lyn Boxall, CIPM, CIPP/A, CIPP/E, FIP, GRCP, Exin (GDPR, Infosec), GRCA


Requirements for certification: Successful completion of the EXIN Privacy and Data Protection exam

Number of questions: 40
Pass mark: 65%
Open book/notes: No
Electronic equipment/aides permitted: Time allotted for examination: 60 minutes

Computer-based or paper-based multiple-choice questions


Includes 2 days of training.


Registration will be confirmed upon receipt of full payment via cheque.

Confirmation & Reservation

When registration is confirmed, participants will receive our email confirmation along with information of the course programme. If no seats are available for the applied date, you will be notified immediately and given an alternative date. Straits Interactive reserves the right to change the course schedules, programmes and content without prior notice. We also reserve the right to cancel the course due to unforeseen circumstances.


Request for withdrawal or postponement must be made in writing to Straits Interactive. Refunds arising from course withdrawal/deferment will be subjected to the following terms:

  • More than 2 weeks before course commencement: Full refund.
  • Less than 2 weeks before course commencement: 50% refund.
  • On or after course commencement: No refund.

Click here to register now for the Hands-on GDPR course in Malaysia!