GDPR for Small Business

GDPR for Small Business



This 2-day workshop is designed to provide a comprehensive introduction to owners and managers of small to medium sized businesses. Often owner-managers are aware of the GDPR but have little time or access to the right people and material to help them. In many cases accountants provide the first contact with requirement to comply with the GDPR but are unable to provide the necessary services.

Delegates will be taken through practical exercises to reinforce course material and have access to an online compliance platform on which many of the exercises will be undertaken.

Workshop material is fully cross-referenced online with the GDPR down to clause level with clickable links taking delegates directly to the relevant recital or article.

Ideal for

  • Owners and owner-managers of small business
  • Anyone with responsibility for personal data processing

What you'll get

  • GDPR workshop material
  •  Supplementary material including examples of required documentation

Learning objectives

  • Recognise the conditions requiring you to comply with the GDPR
  • Become aware of the necessary artefacts, structures, policies and procedures and keep this up-to-date
  • Reinforce the correct behaviours across the organisation regarding privacy risk and data subject rights
  • Understand GDPR concepts, definitions and activities (comprehension and application)
  • Recognise areas of GDPR/privacy concern


  • Module 1 – Introduction to GDPR and Privacy
    Module 2 – The question of domicile, residence, citizenship or location?
    Module 3 – Territoriality and a touch of Brexit
    Module 4 – Personal Data and Special Categories
    Module 5 – Principles and accountability
    Module 6 – Non-consent legal bases for processing personal data
    Module 7 – Consent
    Module 8 – DPO (Data Protection Officer)
    Module 9 – Controllers, Joint Controllers and Processors
    Module 10 – Records of processing
    Module 11 – Privacy notices
    Module 12 – Data Protection Impact Assessments (DPIA)
    Module 13 – Data subject rights and how to respond
    Module 14 – Data breach notification
    Module 15 – Security
    Module 16 – Transfers
    Module 17 – Data protection by design and default
    Module 18 – Penalties


  • 40 multiple choice questions
  • 60% pass rate required
  • 1 hour in duration
  • Closed book
  • On-line
  • On-site exam


  • Only the written content of the slide modules will be examined
  • You will be given Practice Exam Questions both within the body of the instruction and as self-study aid
  • The exam is ‘open book’ and you will be provided with a printed copy of the Recitals and Articles of the GDPR
  • The language of the exam and supporting materials is English (United Kingdom)