EU GDPR Data Protection Officer Course

This free Data Protection Officer course is intended for those performing the role of the Data Protection Officer (DPO). As a beginner-level course, no prior knowledge of EU GDPR or experience with the privacy role is necessary. You will learn everything you need to know about EU GDPR as well as the requirements for the DPO.

After completing the course, you will have the option to take an online certification exam. After passing the exam, you will receive a certificate proving that you know all the requirements of EU GDPR and that you are fully competent in performing the role of Data Protection Officer.

This DPO training is organized into 13 modules (content for each module is listed below), and each module has several video lectures and quizzes that will help you learn more quickly. At the end of each module, a recap quiz will prepare you for the certification exam. All the video lectures are pre-recorded, conveniently allowing access to the course from anywhere at any time.

  • The total course duration, including the reading of required materials, is approximately 15 hours.
  • Materials provided in the course (video lectures, articles, and practice exams) will teach you all the information you need in order to pass the certification exam.
  • There is no time limit to complete the course, but once you begin, it is recommended that you finish within two weeks’ time.
  • Access to this course and the quizzes is completely free; the fee for the online certification exam is 449 EUR – after you pass the exam you’ll receive your certificate in a matter of days.
  • After you purchase the exam, you will receive a bonus PDF containing scripts from all of the video lectures and quizzes, links to additional reading, and access to the practice exams.

Course Curriculum

Introduction to the course 00:00:00
Module 1: Privacy origins and GDPR basics
Introduction and suggested reading 00:00:00
Short history of privacy legislation 00:00:00
The General Data Protection Regulation 00:00:00
Related frameworks 00:00:00
Key terms 00:00:00
Key roles 00:00:00
Top myths about GDPR 00:00:00
Business activities that are most impacted by GDPR 00:00:00
Related documentation 00:00:00
Certification FAQs 00:00:00
Recap quiz 00:00:00
Module 2: Legitimate purposes and principles
Introduction and suggested reading 00:00:00
Legitimate purposes of processing personal data 00:00:00
GDPR principles 00:00:00
Understanding the principles through an example 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 3: Transparency through Privacy Notice
Introduction and suggested reading 00:00:00
The basics of Privacy Notices 00:00:00
Requirements and contents of a Privacy Notice 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 4: Inventory of processing activities and retention
Introduction and suggested reading 00:00:00
Inventory of Processing Activities – why and what? 00:00:00
Retention of personal data – why and what? 00:00:00
Fulfilling inventory and retention requirements – who and how? 00:00:00
Specific information required for controllers 00:00:00
Specific information required for processors 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 5: Consent and Data Subject Access Requests
Introduction and suggested reading 00:00:00
Consent – the basics 00:00:00
How and when to ask for consent 00:00:00
Data subject rights 00:00:00
Basic rules for Data Subject Access Requests (DSAR) 00:00:00
DSAR requests 00:00:00
DSAR exemptions and rejections 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 6: Data Protection Impact Assessment and risk assessments
Introduction and suggested reading 00:00:00
What is Data Protection Impact Assessment (DPIA)? 00:00:00
Step 1: Listing and grouping data processing activities 00:00:00
Steps 2 and 3: The threshold questionnaire & determining if DPIA is needed 00:00:00
Step 4: Answer the Data Protection Impact Assessment questionnaire 00:00:00
Steps 5 and 6: Identify and list key security risks 00:00:00
Step 7: Recording the implementation; maintenance 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 7: Security of personal data and privacy by design
Introduction and suggested reading 00:00:00
What is privacy by design? 00:00:00
Policies to be implemented to ensure security of personal data 00:00:00
Best practices to implement privacy by design policies 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 8: Data transfers and managing third parties
Introduction and suggested reading 00:00:00
Introduction to data transfers 00:00:00
How can data transfers be enabled? 00:00:00
Managing third parties 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 9: Data breaches
Introduction and suggested reading 00:00:00
The data breach basics 00:00:00
Data breach response 00:00:00
Data breach notifications 00:00:00
After a data breach 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 10: DPO basics
Introduction and suggested reading 00:00:00
Why does a company need a DPO? 00:00:00
The responsibilities of the DPO 00:00:00
Responsibilities towards the DPO 00:00:00
Hiring an external DPO 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 11: Defining the organisational approach to privacy
Introduction and suggested reading 00:00:00
The first thing to do as a DPO 00:00:00
Getting the buy-in from top management 00:00:00
Identifying the key stakeholders 00:00:00
How do you get buy-in from your key stakeholders? 00:00:00
Define a Personal Data Protection Policy 00:00:00
Setting up privacy governance 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 12: Setting up a Privacy Program
Introduction and suggested reading 00:00:00
Making a choice about internal or external resources 00:00:00
Choosing an external consultant 00:00:00
Set up the project management 00:00:00
Choosing the right project manager 00:00:00
Key steps in your project 00:00:00
Conducting a Gap Analysis 00:00:00
Advanced risk management 00:00:00
Treating the risks 00:00:00
Communication 00:00:00
Awareness and training 00:00:00
Key deliverables for compliance with GDPR 00:00:00
Monitor the implementation 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Module 13: Sustaining and improving compliance
Introduction and suggested reading 00:00:00
Methods for sustaining and improving compliance 00:00:00
Internal audit 00:00:00
Handling existing contracts with third parties 00:00:00
Handling new contracts with third parties 00:00:00
Regular reviews and improvement actions 00:00:00
Keep looking forward 00:00:00
Related documentation 00:00:00
Recap quiz 00:00:00
Instructions for taking the exam and obtaining the certificate 00:00:00

Benefits of getting the certificate

A certificate of competence proves that you attended the eTraining course and that you passed the certification exam. This ensures that you understand and can apply the knowledge you gained in each of the course's modules.

How to get certified?

It's simple:
1) Watch complete videos of all lectures, and answer all practice exams.
2) Pass the online certification exam.

Bonuses with the certificate

Once you purchase the certificate, you will receive the following bonuses:

Discount badge

DPIA Register (Excel document)

The Register is used to document the Data Protection Impact Analysis. The document consists of the Threshold Questionnaire that determines which data processing activities need to be analyzed, and the DPIA Questionnaire that assesses the risks and defines the security measures/safeguards.

The document includes five questions in the Threshold Questionnaire section that will help the company decide if a DPIA is needed or not, and 23 questions to help companies complete the Data Protection Impact Assessment. All the questions included in the DPIA Questionnaire are marked as mandatory or non/mandatory accordingly, in order to ensure that no mandatory question will be missed. The company can include additional questions to suit additional company needs.

Course Script (PDF)

If you decide to purchase the exam you will get the PDF script from the course completely free. The script includes everything said in the videos and all quizzes.

This way, you can access course materials any time you like, making it much easier to practice and prepare for the exam.

Free exam retake

Once you purchase the exam, you will be able to retake it.

This means, if you do not pass the exam on your first attempt, you can retake it one time, free of charge.

There is no mandatory waiting period between the two attempts.

Practice Exam

With the purchase of the exam, you get access to practice exams. You can use these exams to test your knowledge and familiarize yourself with the exam environment.

The results from the practice exam do not have any effect on the results of the final exam.

Course Reviews

  1. GDPR DPO Course

    I thoroughly enjoyed studying the course. The fundamentals are easy to understand and navigate, and the role of the DPO was clearly defined. I would definitely recommend this course to somebody who is interested in learning more about GDPR. Just pace yourself as there is a lot to learn.

  2. GDPR DPO Course

    The course content is very precise, easy to understand and the video lectures by Mr Tudor Galos is crisp, to the point and covers relevant Articles of GDPR in an excellent manner. The flexibility to complete the course at my own will is also appreciated.
    Thank you Advisera!!!

  3. GDPR DPO course

    Flexible format I could dip in and out whenever work and family time allowed without the stress of meeting additional deadlines because I’m given as long as I need to complete the course
    Excellent delivery of the course content, this could have been a very heavy subject for a complete novice but with the manageable bitesize units, clear and concise video tutorials, and recap quiz shows if a course is well put together then any one can learn about a complex subject
    Additional content is offered free, the suggested reading in each introduction and the Security Awareness Training offered alongside the GDPR course is a similar format for learning which gives learners additional knowledge
    Excellent communication throughout the course via email and online chat feels like you have your own personal tutor to get you through the course
    Easy 5 star rating for an outstanding online course

  4. GDPR DPO course

    I’m happy with this course, nice small bite size info in a clear and concise manner. If I every work as a DPO I will be buying those documents for sure. Thanks guys for putting all this together. Its great to get the course for free and to have as long as you need to complete. I can keep working at it at my own pace whenever get a bit of free time. Time is so hard to come buy these days 🙂

  5. Excellent course

    Easy to understand and follow. Would recommend this course highly to those wishing to pursue their knowledge in this sector.

  6. Very Good Basic Information

    The information provided allows one to have an informed conversation regarding GDPR. It highlights some of the additional requirements necessary to be fully conversant and is delivered in small digestible components.

    Would recommend to those that are online learners.

  7. Nice overview

    Nice overview. Pleased put closed captions in all your courses.

  8. Excellent Course

    Very easy to follow and precise information.

  9. Nice explanation
    I liked TUDORS explanation with examples so we can understand better. Nice.

  10. Great Bite size Videos with the right level of depth

    Course contained just the right level of detail to provide a great overview of GDPR and the role of the DPO. Videos were just the right length to convey the relevant points within the specific module and were really easy to understand. The content and presentation was such that it was easy to dip in and out and manage alongside the everyday workload.

  11. Module 1

    Very concise , pragmatic and effective.
    Thanks, Tudor

  12. Great delivery

    I love the fact that it is broken up into “bite sized” chunks. With many distractions at work, I can do this course and not lose the momentum of completing it. Very informative and thorough.

  13. Efficient

    The course is very pragmatic and efficient.
    After this course i can say that i am feel more confident in my data protection activities.

  14. Great course

    It lets you know easily all the sneaky aspects of the legislation. In discussions with folks in my group it has made me more knowledgeable than others. Kudos to you sir.

  15. Very good and well organize course!

    Very good and well organize course!

  16. Directive 2006/24/EC is invalid

    The course is great, but in Module 4, Directive 2006/24/EC is suggested for read, but I found this:
    It is clearly stating that this directive is no more legal. And it is never mentioned in GDPR text.
    So would you please clarify this?

  17. Very good course

    Dear Advisera, Tudor,

    Very well structured course with different types learning methods. This requires the student to be active and also find information oneself. This has a good balance of theory and practicalities. The documents, templates, checklists etc. are very good practical advise. The flow of subjects follow an interesting path. This is an easy course to follow, but it required concentration. The latter is only a good issue. The units are of good length. The one or two 4 minutes units require stamina. Some questions in the end of the units are a bit naive including the ones paying with words. Tomorrow I will go for the certificate.

    Kind regards,

  18. Very good course

    Concise and in plain english.

  19. Great course

    Dear Advisera, Tudor,
    A very clear and concise course that I liked a lot.
    As I’ve been working with ISMS earlier I felt rather comfortable with GDPR and will now go for the exam as well.

    I liked that fact that you’ve been able to divide subjects down to very understandable detail. The examples pointed you the correct direction.

    When I have cleared the GDPR exam I will start with the ISMS course (any news here? I heard something about Lead Implementer training…)

    Well done and many thanks!

  20. Fantastic Course

    Dear Tudor et al.,

    I just completed your EU GDPR Foundations and DPO Course. I knew nothing about data privacy before. And after just a few days of taking this course I feel I almost have enough knowledge to fulfill the role of a DPO. That is not an indication of my intellect but rather of the clarity and quality content of your course.

    Thank you. I enjoyed it immensely.


  21. Course completion certification

    Dear Team,

    First i would like to say a Big thank to your team for all efforts.

    Course content was really nice and explained very well!!

    You should also provide or issue a Course completion certification.

    Deepak Singh

  22. Excellent

    Wonderful Training on GDPR.. Clear and Crisp, i would recommend all Privacy Professionals to take up this course and obtain the certification.

  23. Very good lecture

    Very good lecture and his explanations are very nice .

  24. DPO course helped shed some light on a rather new and vague field

    As stated in the title this course helped me better understand this rather new field. It gives documentation and references to specific articles. In my opinion the videos are short , concise and well structured per chapters.
    I am a big fan of unlimited access no completion time limit classes, these allow me to study around my schedule.

    All in all I would recommend this course with or without a certification to anyone who wants to be involved in this or just have a better understanding of the general GDPR and DPO concept.

  25. Clear, concise and authoritative for the beginner to mid-level data protection student or professional

    1) The DPO specific content was found to be to a very high standard with excellent animated video support. This does not come as a surprise, given my long experience with the excellent ISO deliverables of this company.
    Despite the statements made below I would certainly recommend this course unreservedly, even if it is to be used as a refresher.
    2) It was always going to be expected that the “EU GDPR Foundations Course” material would be integrated. Also, there are very regular references to the EU GDPR Academy’s own documentation, which often requires payment; that said I have just downloaded the sample set and am very impressed with its content and coverage.
    3) The ‘Activity’ test questions below each unit tended to be a little trivial, I nearly always answered them first. Similarly the ‘PRACTICE EXAM’ questions may not need the student to actually undertake the course.
    4) This course faces partial competition from the respective IAPP (CIPP/E), IT Governance Ltd. (Certified EU General Data Protection Regulation Practitioner) and theKnowledgeacademy (Certified Data Protection Officer) courses; the first 2 offering ISO accreditation and thus post-nominals – though at a far more significant cost!!

  26. Great course

    I really enjoyed the course, it gave me a clear picture and helped me improve my understanding of the GDPR. Questions and practice exams should be a little more challenging in order to really assess understanding a preparation.

  27. This is a userful course to prepare the DPO.

    I learned more about GDPR before to follow this course and I say that I can evaluate objective this one. In my opinion this course is the best choice to prepare a DPO.

  28. View moreShow less

Frequently Asked Questions

No, you can attend the course as long as you like; however, you should try to finish it in a couple of weeks because otherwise, you won’t get enough benefits out of it.

You can access it any time – the course is a combination of recorded video lectures, quizzes, reading, and other activities, and because all those materials are readily available, you can access them at a time that is convenient for you.

None. The course was made in such a way that a beginner in this topic can easily understand it.

Well, we have to make money somehow :). We have made most of the course freely available, but to access the exam and get the certificate you’ll have to pay a fee – by the way, this fee is by far smaller than the fee for attending the classroom-type course. Additionally, when you pay for the certificate, you will be able to download a PDF scripts from all of the video lectures, activity questions, practice exams, and links to additional reading. This way, you can access the content from the course and prepare for the exam much more easily.

The exam, as well as the whole course, is completely done online, from your office, your home, or any other place convenient for you. For the exam we use an online proctoring service – click here to learn more.

After you finish attending the course, you can go for the exam – if you finish this exam successfully, i.e., if your score is above the minimum, then you will receive the certificate. By the way, during the exam we use an online proctoring service that will ask for proof of your identity, and make sure that you have taken the exam with no external help. Click here to learn more about online proctoring.

The course is a combination of recorded video lectures, quizzes, reading, and other activities – the course takes you through all these materials in an optimal way.

You can access the course using your PC, Mac, or mobile device, using any major browser (i.e., Chrome, Mozilla, Internet Explorer, Safari); a broadband Internet connection will also be needed. And, of course, enough time to attend the course.

The materials provided in the course – recorded video lectures, quizzes, readings, practice exams, and other activities – are everything you need to successfully pass the exam and obtain the certificate. The best part is: they are completely free with unlimited access!

If you decide to purchase the exam, you will receive a bonus PDF containing scripts from all of the video lectures, quiz questions, links to additional reading, and access to the practice exams. This way, you can prepare for the exam much more easily.



  • Exemplar Global logo
    Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.
  • ITIL logo
    ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL logo
    DNV GL Business Assurance is one of the leading providers of accredited management systems certification.