Privacy & Data Protection Bootcamp

Accredited training course (EXIN) & 2 certification exams (5 Days)

With the ever-increasing explosion of information flooding the internet, every company needs to plan how to manage and protect privacy of persons and their data. Not without a reason, many new laws – in the EU as well as in the USA and many other regions – are being formed to regulate both.

This intensive and practical five-day course is based on the subjects preparing the participants for the PDP Foundation and PDP Practitioner certification exams. The first two days allow trainees to understand the fundamental concepts of Protection of Privacy and Personal Data while the last three days, more practical, focus on the development and implementation of policies and procedures in order to comply with existing and new legislation, the application of directives and best practices in the form of a Personal Information Protection Management system.

On the second day, candidates will pass the EXIN Privacy & Data Protection Foundation certification and, on the last day, the official EXIN Privacy & Data Protection Practitioner exam.


The certification Privacy & Data Protection Bootcamp (EXIN) will be particularly useful to:

  • Data Protection Officers (DPOs),
  • Privacy Officers, Legal,
  • Compliance Officers,
  • Security Officers,
  • Business Continuity Managers,
  • Data Controllers,
  • Data Protection Auditors (internal and external),
  • Privacy Analyst,
  • and HR managers.

The Privacy & Data Protection cycle is aligned with European legislation and regulations and more particularly with the GDPR.


There are no mandatory prerequisites to follow this training and pass the certification. It is however desirable to already have a certain legal culture to understand the wording of the texts and to have read before the start of the session the training preparation guide sent to each candidate at the time of registration.

The mandatory requirements to take the PDP Practitioner exam are:

  • Successful completion of the EXIN Privacy & Data Protection Practitioner exam;
  • Accredited EXIN Privacy & Data Protection Practitioner training, including completion of the Practical Assignments.

Course syllabus

Days 1 & 2

Welcome & Introduction

Privacy and Regulation (45%)

  • Definition of Privacy
  • Personal data
  • Legitimate grounds and purpose limitation
  • Rights of data subjects
  • Data breaches and associated procedures

Organizing data protection (35%)

  • Importance of data protection for the organization
  • Data protection authorities
  • Personal data transfer to third countries
  • Binding Corporate rules and Privacy in contracts

Practice of data protection (20%)

  • Privacy by design and privacy by default related to information security
  • Privacy impact assessment (PIA) and privacy audit
  • Practice related applications of the use of data, marketing and social media

Preparation for certification

EXIN Privacy & Data Protection Foundation Exam (60 mn)

Days 3 to 5

Data Protection Policies (10%)

  • Purpose of the Data Protection and Privacy Policies within an Organization (5%)
  • Data Protection by Design and by Default (5%)

Managing and Organizing Data Protection (32.5%)

  • Phases of the Data Protection Management System (DPMS (32.5%)

Roles of the Controller, Processor and Data Protection Officer (DPO) (17.5%)

  • Roles of the Controller and Processor (10%)
  • Role and Responsibilities of a DPO (7.5%)

Data Protection Impact Assessment (DPIA) (27.5%)

  • Criteria for a DPIA (15%)
  • Steps of a DPIA (12.5%)

Data Breaches, Notification and Incident Response (12.5%)

  • GDPR Requirements with Regard to Personal Data Breaches (2.5%)
  • Requirements for Notification (10%)

Preparation for certification

EXIN Privacy & Data Protection Practitioner Exam (120 mn)

Closing and questions


The official EXIN Privacy & Data Protection Practitioner Exam is included in our training package.

The exam can take place in paper format or online at the end of the training and be supervised by the trainer. The result is communicated to the candidate immediately at the end of the test.
The exam can also be administered online after course – In such a case, a voucher is provided at course completion

The exam is designed to test the learner’s knowledge of the Privacy & Data Protection as opposed to memorization and tied to the learning objectives of the course. The exam format will include:

  • 40 questions
  • Multiple choice
  • 120 minutes
  • One correct answer for each question, using four choices (A, B, C or D)
  • Pass rate is 65% or higher
  • The GDPR text may be consulted throughout the exam. It is provided as an appendix to the digital exam. Candidates are required to bring their own copy for paper-based exams.
  • No electronic equipment/aides permitted

The exam is available in English only.

The Privacy & Data Protection Foundation certificate is prerequisite for the Data Protection Offcier Certificate (DPO)..


Alain Bonneaud
CISA® - CISM® - CGEIT® - COBIT® - ISO 27001 - ITIL® - PRINCE2® - RESILIA® - VeriSM™ - ISO 20000 - DevOps

Terms & Conditions

The following terms and conditions apply for bookings :

  • the session is led by a trainer accredited by EXIN on the Privacy & Data Protection domain,
  • personalized welcome in the classroom with mineral water and breaks ,
  • accredited training material,
  • the offical GDPR publication (electronic document),
  • exam preparation,
  • a group of 10 participants max. in order to ensure the quality of the training delivery.


Document sans titre

Course fees must be paid at least 10 working days prior to the commencement of the course in order to guarantee your place. We accept payment by Direct Debit, credit cards, paypal or bank transfers. Payment made by credit card will incur the following charges – MasterCard (1.5%), Visa (1.5%) American Express (3.0%).


Go Green : all our material is delivered electronically