Our latest COVID-19 information - now taking bookings for online webinar courses

Complying with the new General Data Protection Regulation Training Course

A one-day *in-house* event providing expert advice on the complex and confusing implications of the GDPR and the new Data Protection Act.

What this programme is about

The EU General Data Protection Regulation (GDPR) is a major new piece of legislation which came into force across the EU on 25 May 2018. It provides a single data protection law for the whole EU. It is Brexit- neutral in that the government has said it will apply in the UK even after Brexit through the new Data Protection Act. The new stringent data protection requirements apply to all organisations in the EU (and it is even extra-territorial in that it also applies to many organisations entirely outside of the EU).

The GDPR implements a raft of new rights for individuals and how their personal data is processed – and processing includes every activity known to man: reading, storing, manipulating, transferring – even possessing.

Every business now uses personal data in some way, whether staff data, customer data, prospect data or supplier data. And there’s plenty more data too. The maximum penalties for getting it wrong have been increased to the greater of 4% of annual global group turnover of an organisation or 20 million Euros, depending on the severity of the breach. The definitions of ‘personal data’ sometimes even applies when that data appears to be anonymised. It is essential to know what the law requires – as it should now be part of ‘Business as Usual’ for every business worldwide.

Mark Weston is a leading expert on GDPR having carried out and supervised over 80 GDPR audits and provided advice to organisations of all types and all sizes. One key benefit of the course is the ability to ask Mark Weston about particular issues that may affect you and your business.

Benefits of this in-house programme

  • Learn about the GDPR and the new personal data regime
  • Understand how it affects your business – root and branch
  • Get-to-grips with the basics (and many of the nuances) of the new
    data protection law
  • Consider how it affects you and the business you work for
  • Get up-to-date with an in-depth knowledge of the law and practice of
    GDPR implementation
  • Understand the pitfalls – and how to avoid them
  • Clarify the roles of controllers, processors and sub-processors
  • Master the ins and outs of the rules on obtaining consent
  • Expand your knowledge of privacy by design
  • Appreciate how to best avoid breaches and fines that may result
  • Understand the risks that can be created through poor implementation
    or non-implementation of data structures mandated by the new regime
  • Understand how to effect change in your organisation so as to instil a
    correct data culture – which will manage your risk and exposure

Who is this programme for?

This programme has been specifically designed for those who deal with personal data in any way:

  • In-house lawyers
  • Private practice lawyers
  • Compliance officers
  • Company secretaries
  • Board members
  • HR professionals
  • Marketing professionals
  • Anyone who uses or possesses personal data

Programme at a glance...

All sorts of scenarios are covered, including questions such as:

  • Can you keep business cards when they are handed to you?
  • What happens to that ‘private data’ you keep in Outlook notes field?
  • What controls do you need on the person who cleans out the bins?
  • Are you a processor or controller – or both? What if this is true for the same data that you use for different purposes?
  • How do you tell people you have their data and what you do with it?
  • What is the difference between a privacy notice and a privacy policy?
  • Do you have to comply with the GDPR if you are based outside the EU?
  • What if you process EU citizen data and non-EU citizen data (whether you are in or out of the EU)?

Essential EU GDPR background, terminology and rights

The roles of and relationships between controllers and processors and sub-processors

Data subjects

Implementation of GDPR requirements

Enforcement and regulatory and compensatory aspects of the GDPR

Data breaches

International data transfers

The Data Protection Officer (DPO)

Demonstrating compliance

Tailored question and answer session

Presenter's firm

Hill Dickinson logo

Hill Dickinson is a leading and award-winning international law firm with offices in London, Liverpool, Manchester, Sheffield, Piraeus, Singapore, Monaco and Hong Kong. As a full service law firm, it delivers advice and strategic guidance spanning the full legal spectrum from non-contentious advisory and transactional work, to all forms of dispute resolution.

Its commitment is to provide a fast and efficient service wherever its clients operate. As its business has grown and diversified, it has recognised the strength and importance of the principles held by its people; putting clients first and operating as one team to realise its goals and share its success. These principles have formed the foundation of its culture and the way its lawyers interact with one another and the firm’s clients. They are what distinguish it and are vital to its future.

The firm is on the panel of a number of national and international organisations and regularly competes against many of the City firms. In recent months they have been able to win a number of panel reviews against City firms.

Clients of the firm include

• Carrs Milling Industries • Co-operative Group • CRH Group • Elstree Film Studios • Halewood International • Health Education England • Iceland Foods • Johnson & Johnson plc • Lavinia Corporation • Lloyds Bank • National Express • Odeon Cinemas • Peel Group • Stobart Group • United Utilities plc • Zeneca Group.

To find out more out what Hill Dickinson can do for you click HERE.


Mark is a Partner at Hill Dickinson LLP where he is Head of Information Technology, Intellectual Property and Commercial. His practice covers all areas of commercial law and he has a wealth of industry experience having worked in-house at Hewlett Packard. He regularly appears on BBC1 and Sky News as a legal commentator.

Continuing professional development

This course qualifies for the following CPD programmes:

  • CPD certificate of attendance: 6.00 hours

Bespoke training

We can customise this course to meet the requirements of your organisation. Contact us to discuss your training requirements.

You may also be interested in

Previous customers include...

  • Banco de portugal
  • Beggars Group Media Ltd
  • Beko Plc
  • Debiopharm International SA
  • Design and Management Contractors Ltd
  • European Space Agency
  • Financial Times
  • Gazprom Marketing & Trading Ltd
  • Guernsey Financial Services Commission
  • Intertanko
  • Jisc
  • Kooperativa pojistovna
  • LHi Group Ltd
  • Low & Bonar PLC
  • Medicines for Malaria Venture
  • Nets Denmark A/S
  • Payment Systems Regulator
  • Saint-Gobain Limited
  • Taylor Wimpey UK Ltd
  • Wavecrest

A very good and informative course

David Goodwin, Group Health and Safety Manager, Design and Management Contractors Ltd, Nov 18

The content of the course was a good overview of the key provisions of the GDPR and this was delivered very well.

Kelly McAuslan, Legal Counsel, Financial Times, Nov 18

Excellent in building foundation in this area, Mark is a brilliant speaker and teacher.

Sunny Sandhu, Solicitor , Saint-Gobain, Nov 18


James Jordan, Group Legal Director & Company Secretary, Taylor Wimpey UK Ltd, Mar 18

The best course I have attended in a long time.

Matthew Joy, Group General Counsel, Low & Bonar PLC, Mar 18

A good overview of the coming regulations

Heinz-Uwe Karl, Contracts Officer, European Space Agency, Nov 17


Melanie Surfraz, Senior Compliance Officer, LHi Group Ltd, Nov 17