Privacy & Data Protection Foundation

Accredited training course (EXIN) & certification exam

Every organization is affected by the regulations and laws relating to the protection of personal data and, more generally, to data protection. Organizations must be more diligent about compliance in protecting personally identifiable information (PII) as the penalties for data loss become more and more severe. This intensive two-day course provides an overview of the rights and obligations of your organization and of those whose personal information you have collected, allowing you to make appropriate decisions about how to handle personally identifiable information and other data.

This intensive two-day course will quickly go through legal jargon to focus on the fundamentals of protecting personal data and how it affects your organization. This course will give you a good overview of your responsibilities in this domain.


The course Privacy & Data Protection Foundation (EXIN) is intended for anyone who collects, modifies, processes or manages personal information for their work, or who needs to know their legal responsibilities regarding the use of personal information. Interested roles may include employees of a call center, service center or any administrative department, accountants and finance professionals.

This course is the mandatory entry point for all those wishing to obtain the Privacy & Data Protection Practitioner certificate or to become a Certified Data Protection Officer.

The Privacy & Data Protection cycle is aligned with European legislation and regulations and more particularly with the GDPR.


There are no mandatory prerequisites to follow this training and pass the certification. It is, however, desirable to have some legal background in order to understand the wording of the texts, and to have read, before the start of the session, the training preparation guide sent to each candidate at the time of registration.


At the end of the two days of training, each participant will know and understand:

  • European legislation, regulations and directives on the protection of personal information,
  • Confidentiality issues that may arise in one's own organization,
  • How to provide advice to resolve information privacy issues.

PLEASE NOTE: This course provides you with an ideal introduction to understanding Data Protection and Privacy and constitutes an effective preparation for the certification exam Privacy & Data Protection Foundation. However, this is only a first step towards the implementation of initiatives based on the European requirements contained in the GDPR. It is by no means sufficient to carry out an implementation or an audit in matters of Protection of Personal Information, which requires additional skills developed in the PDP Practitioner and PDP Expert courses. We can help you build your own roadmap to achieving these goals. Do not hesitate to consult us without obligation on this subject.

Course syllabus

Welcome & Introduction

Privacy and Regulation (45%)

  • Definition of Privacy
  • Personal data
  • Legitimate grounds and purpose limitation
  • Rights of data subjects
  • Data breaches and associated procedures

Organizing data protection (35%)

  • Importance of data protection for the organization
  • Data protection authorities
  • Personal data transfer to third countries
  • Binding Corporate Rules and privacy in contracts

Practice of data protection (20%)

  • Privacy by design and privacy by default related to information security
  • Privacy impact assessment (PIA) and privacy audit
  • Practice-related applications of the use of data, marketing and social media

Preparation for certification

EXIN Privacy & Data Protection Foundation Exam (60 min)

Closing and questions


The official EXIN Privacy & Data Protection Exam is included in our training package.

The exam can take place in paper format or online at the end of the training and be supervised by the trainer. The result is communicated to the candidate immediately at the end of the test.
The exam can also be administered online after the course. In such a case, a voucher is provided at course completion.

The exam is designed to test the learner's knowledge of Privacy & Data Protection, as opposed to memorization, and is tied to the learning objectives of the course. The exam format will include:

  • 40 questions
  • Multiple choice
  • 60 minutes
  • One correct answer for each question, using four choices (A, B, C or D)
  • Pass mark is 65% or higher

The exam is available in English and other languages, including French.

The Privacy & Data Protection Foundation certificate is a prerequisite for all other exams in the Privacy & Data Protection cycle.


Alain Bonneaud
CISA® - CISM® - CGEIT® - COBIT® - ISO 27001 - ITIL® - PRINCE2® - RESILIA® - VeriSM™ - ISO 20000 - DevOps

Terms & Conditions

The following terms and conditions apply for bookings:

  • the session is led by a trainer accredited by EXIN on the Privacy & Data Protection domain,
  • personalized welcome in the classroom with mineral water and breaks,
  • accredited training material,
  • the official GDPR publication (electronic document),
  • exam preparation,
  • a group of 10 participants max. in order to ensure the quality of the training delivery.


Course fees must be paid at least 10 working days prior to the commencement of the course in order to guarantee your place. We accept payment by Direct Debit, credit card, PayPal or bank transfer. Payments made by credit card will incur the following charges: MasterCard (1.5%), Visa (1.5%), American Express (3.0%).


Go Green: all our material is delivered electronically.