Data Protection Foundation (S-DPF)

Complete beginner's GDPR training & certificate. Learn from experienced privacy professionals.
EnrollBook as in-company

What will you learn?

  • 9Understand the GDPR through easy explanations, real-world examples and practical exercises;
  • 9Get a clear picture of your rights and obligations under the GDPR;
  • 9Translate the GDPR to your daily life and work.


  • 3 course days, 1pm – 5.30pm CEST
  • 8.5 hours of self-study
  • R1 CPE credit per study hour

Data Protection Foundation – Comprehensive online beginner’s GDPR training and certificate

Our Data Protection Foundation course is designed by experienced privacy experts to help you truly understand the EU General Data Protection Regulation (GDPR) and meet fundamental compliance requirements. The training combines in-depth analysis of the GDPR’s key terms and provisions, practical examples, interactive group discussions and exercises based on actual events to equip you with the ability to translate the GDPR to your daily work. By completing the course and passing your certification exam, you demonstrate your ability to handle personal data in a GDPR-compliant way, which is a valued skill for any job role that involves working with people’s information. If you aspire to start a career in privacy, you will be fully equipped to follow Data Protection Practitioner, a hands-on training to learn and practice the tasks of a Data Protection Officer.

Why join Data Protection Foundation?

Privacy is an ongoing concern for organisations in all sectors. Data protection authorities are increasingly monitoring GDPR-compliance, imposing fines of up to 4% of an organisation’s annual global turnover or €20 million. At the same time, consumers are also becoming more aware of their privacy rights and more selective about whom they trust with their information. In today’s increasingly privacy-conscious regulatory and consumer landscape, a good understanding of European privacy rules and the ability to handle personal data in accordance with the GDPR are valuable skills in any industry.

This entry-level course provides a basic but thorough introduction to the GDPR’s key principles and their application to real-world processing activities. No prior knowledge of the GDPR is required to participate. If you already have a good understanding of GDPR terminology, processing principles, controller and processor obligations and data subject rights, we recommend you to take our Privacy & Data Protection Practitioner course, where you can practice writing a privacy notice, conducting a Data Protection Impact Assessment (DPIA), drafting a data breach procedure, and performing other key DPO activities.

Who should join Data Protection Foundation?

This entry-level online GDPR training and certificate are ideal for anyone wishing to start a privacy career without a background in European data protection. The course is also extremely useful for professionals who work with personal data in other fields and wish to enhance their value to employers by adding certified GDPR skills to their profile.

This training is the perfect choice if you:

  • Aspire to start a career in privacy and want to have the basics covered before following more advanced GDPR trainings;
  • Are an information security or IT security professional and wish to improve your cooperation with Data Protection and Privacy Officers;
  • Own a business or manage a team, make decisions on collecting and using people’s information, and need to understand your obligations under the EU GDPR;
  • Work with personal data in marketing, administration, healthcare, customer service, accounting or any other role and wish to enhance your value to employers by demonstrating your ability to contribute to your organisation’s GDPR-compliance.

What is included?

  • Official SECO-Institute course materials developed by practicing data protection specialists;
  • Training from experienced privacy experts who can introduce you to real-world privacy issues and solutions;
  • Practice exam and exam syllabus so you can fully prepare for your certification exam;
  • Certification exam voucher
  • Access to the (S)ECO-system, a professional community website where you will find additional resources and data protection templates you can use at work.

Learning objectives of Data Protection Foundation

  • Understand the historical and legal context of European privacy and data protection legislation and the General Data Protection Regulation;
  • Understand the GDPR’s key terms and definitions;
  • Understand the GDPR’s material and territorial scope (what information and what activities the GDPR applies to, what are the exceptions, and in what situations the GDPR applies within and outside the EU/EEA);
  • Understand the main provisions of the GDPR and their consequences for individuals and businesses;
  • Interpret the GDPR’s seven key processing principles and apply them to real-life situations;
  • Interpret the restrictions on the processing of personal data and apply your knowledge to real-life situations;
  • Interpret the obligations of controllers and processors and apply your knowledge to real-life situations;
  • Know how compliance with the GDPR can be demonstrated to the supervisory authority;
  • Understand the consequences of non-compliance;
  • Know where to find additional information and resources about specific provisions.

About the Data Protection Foundation Certification Exam

The Data Protection Foundation certification exam is conducted by the SECO-Institute, Europe’s leading security and continuity certification body. The exam voucher is included in the course fee, but you need to schedule your exam with the SECO-Institute. Upon successful completion of the exam, you will receive an exam certificate and an invitation to register your official SECO-Data Protection Foundation (S-DPF) certification title free of charge. By activating your certification title, you will become a certified professional in your field and you will receive a shareable digital badge to verify your competence to clients, employers and fellow professionals.

Exam information

  • Exam language: English
  • Exam delivery: Online exam with remote proctoring
  • Exam format: 40 multiple-choice questions
  • Duration: 60 minutes

Benefits of a SECO Data Protection Foundation certificate

The Privacy & Data Protection Foundation certification exam covers key competencies that are essential for starting data protection specialists as well as any professional who handles personal data on a regular basis. By passing the exam and earning a SECO-Privacy & Data Protection Foundation (S-PDPF) certificate, you demonstrate the following data protection competencies:

  • Understand the GDPR and the opinions of the European Data Protection Board (former Article 29 Working Party);
  • Determine which GDPR provisions are relevant to your organisation;
  • Identify the controller, the processor, and the competent supervisory authority in a specific situation;
  • Understand the DPO’s role, tasks and responsibilities;
  • Understand the processing principles and know how to give them effect in practice;
  • Identify a lawful basis for the processing;
  • Assess the compatibility of processing purposes;
  • Know on what conditions you may process sensitive data and other specific categories of personal data;
  • Understand data subject rights and their limitations;
  • Determine what information must be provided to data subjects;
  • Know how to handle data subject requests and on what grounds a request may be rejected;
  • Recognise extra-EEA data transfers and know what requirements they must meet;
  • Know what to include in a processing register;
  • Identify “appropriate” technical and organisational measures to ensure the protection of personal data;
  • Know how to document and notify data breaches;
  • Determine whether a processing activity requires a data protection impact assessment (DPIA);
  • Know what documents you must create and maintain to demonstrate compliance to the supervisory authority.

What are the benefits of an S-DPF certificate?

An S-DPDF certificate demonstrates that you truly understand how to handle personal data in a GDPR-compliant way. In today’s increasingly digitalised and privacy-aware society, this ability is highly valued by employers in all sectors, from IT to banking and beyond. Due to the persistent labour market demand for GDPR-expertise, obtaining an S-PDPF title will provide you with career advancement opportunities in any profession that involves personal data.

If you are considering a career in privacy & data protection, S-PDPF is the first step towards opening yourself to a constantly expanding range of data protection jobs. Depending on your interests and background, S-DPDF may set you on the path to becoming a Data Protection Officer, a GDPR consultant, a GDPR project manager, a privacy consultant, or a compliance officer.

If you are an IT or information security professional, S-PDPF may be your first milestone to success in one of the abundant IT and cybersecurity roles that require a working knowledge of the GDPR. Adding clearly defined data protection skills to your profile will help you advance your career as a security manager, an IT security consultant, a security architect, or a data engineer.

If you work with personal data in any other field (such as healthcare, education, HR, marketing or sales), S-PDPF is your opportunity to give yourself a competitive advantage over your fellow professionals and improve your career prospects. Demonstrating an excellent understanding of the GDPR may increase your chances of getting a new job or transitioning to a higher position within your field.

Authors & Lead Trainers

Bart Baars
Author & Trainer

Privacy consultant
Privacy Officer Tennet

Anouk Dekoninck

Data Protection Program
Manager at PwC

Register now

In-company training tailored to your needs

Schedule this training as in-company. Upskill your entire team in the most cost-effective way.