Home » Courses » GDPR Refresher Training Course

GDPR Refresher Training Course


A short interactive online GDPR refresher course that will keep your knowledge of GDPR sharp and help you reduce your risk of subsequent financial penalties.

The content is regularly updated covering the latest developments in how UK GDPR is applied. It also briefly covers developments in how EU GDPR is applied in optional modules.

The course is ideal for any employees who have already completed some basic GDPR training. The end of course assessment will give you the confidence that your team have a reliable understanding of UK GDPR.

  • 100% online
  • 35 minutes
  • UK GDPR – DPA18 (🇬🇧) + EU GDPR (🇪🇺)
  • Certificate


Why complete GDPR refresher training?

  • Address any GDPR knowledge gaps that could put you at risk of financial penalties and prosecution for non-compliance
  • Feel confident that you are applying the latest GDPR guidance
  • Delight your customers and colleagues with better respect for their privacy and preferences
  • Align you and your team with the ICO’s accountability framework

Course features


Nobody wants to be lectured to. Learners get the knowledge they need through concise and engaging videos. Then, they apply what they’ve learnt through situational questions.

Ticks every box

Aligns with the ICO’s accountability guidelines for data privacy training.

Kept up to date

Our team regularly reviews the latest developments in data privacy law. We build this knowledge into course updates and email alerts so you can keep ahead.


This GDPR refresher training is comprehensive but concise. It tests knowledge of all the core GDPR concepts.

Learning with us

Client Logo - EV
Client Logo
Client Logo
Client logo

Course information

Learning Outcomes:

  • Understand the key principles, data subject rights and implementation challenges of the UK General Data Protection Regulation.
  • Be aware of how Brexit, recent court cases and enforcement action has changed how GDPR is applied across the UK and EU.
  • Know how to handle personal data properly and be aware of the biggest GDPR compliance risks that all employees face.
  • Feel confident applying UK GDPR in day to day tasks.

Recommended for:

  • As a refresher training exercise for all employees. 
  • For employees who have completed some foundation GDPR training or awareness GDPR training previously.


  • A basic knowledge of GDPR. Please try our GDPR Essentials course if you do not currently have a basic understanding of GDPR.

What do I need for this course?

This course is 100% online and delivered through our online learning platform. You will need a computer and a stable internet connection to access the video lessons and interactive assessments. Organisations can also access this content via their own LMS on request (different pricing and licensing terms will apply).

Course content

Section 1: GDPR Recap

What you’ll learn

In this module we’ll go through a rapid-fire refresh of GDPR. We’ll look at the guiding principles of GDPR, the rights it gives to data subjects and the legal bases under which you can process personal data.


  • How GDPR has changed the way we process personal data
  • Back to basics: overview
  • Back to basics: principles
  • Back to basics: data subject rights
  • Back to basics: legal basis for data processing

Section 2: GDPR Now

What you’ll learn

In this module we’ll look at how GDPR has changed since it came into force in 2018. Specifically we’ll look at how Brexit and some major court cases have changed how you should be applying GDPR. We’ll also look at the impact of some recent enforcement action (fines) from the regulators in the UK and EU.


  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (security)
  • Accountability
  • Mini-assessment

Section 3: Establishing a lawful basis for processing

What you’ll learn

In this final module we’ll look forward to what we can expect in 2024 and beyond. We’ll look at how proposed changes to GDPR by the UK government (Data Reform Bill – Data Protection and Digital Information Bill) are progressing and what impact the proposals may have. We’ll also look at how the EU’s data protection strategy is evolving and how new incoming EU laws that overlap with GDPR may affect you. Finally you’ll complete an end of course assessment.


  • The UK direction
  • The EU direction (optional)
  • Final assessment

Recent course updates

December 2023 Update

We’ve updated this course to reflect

  • Delays to the UK’s Data Laws Reform
  • US-UK Data Bridge

How it works

Step 1

Buy course seats

Purchase online using your credit or debit card, after payment you’ll be able to invite team members to the learning platform. They’ll receive an invite to join and get started by email.

Step 2

Start learning

Each team member will have access to the learning materials, interactive assessments and quizzes. On completion of the course team members will be issued with a certificate.

Step 3

Keep ahead

Look out for periodic updates by email covering changes to GDPR, enforcement cases and what they mean for your compliance efforts. We’ll also let you know how we’ve used this information to update the course, trainees can review any updated lesson materials on the learning platform.

What’s included


  • Distraction-free online learning platform
  • Mini quizzes & end of course assessment


  • Access to all course material updates and enhancements for the length of your access period
  • Alerts about how changes to DPA18/GDPR may impact your organisation for the length of your access period


  • Certificate on completion 🎉


Common questions about GDPR refresher training

Who needs to complete GDPR refresher training?

GDPR refresher training is recommended for all employees who process personal data as part of their role. This definition is likely to have a wide scope, typically accounting for up to 90% of a company’s workforce. This is because the definition of “personal data” and “processing” under UK GDPR and EU GDPR is broad. The personal data of customers, suppliers, employees and any other identifiable individuals must be protected under GDPR.

How often should GDPR refresher training be completed?

GDPR refresher training should be completed 1-2 times per year. This is because while the legal text of UK GDPR & EU GDPR has not changed since they were first brought into force, court cases, guidance and enforcement action have effectively changed the meaning of GDPR since it was brought into force.

You may decide that a more frequent schedule is appropriate if the role concerned involves a lot of personal data processing for example a call centre role, a marketing & sales position, or HR position.

How does this GDPR refresher training align with the ICO’s accountability framework?

The ICO’s accountability framework outlines specifically in relation to refresher training:

“Your staff receive induction & refresher training, regardless of how long they will be working for your organisation, their contractual status or grade.”

This refresher training course is appropriate for all staff. It’s engaging so staff pay attention and concise so they can keep their focus on their core responsibilities.

“Your staff complete refresher training at appropriate intervals.”

The training is frequently updated so learners can return at a later date and find new content to learn from. This way they can keep up with the latest developments in GDPR.

Other courses

gdpr refresher course preview

GDPR Training Course (Essentials)

Included in PLUS

The GDPR awareness course that will give everyone the knowledge they need to know about UK GDPR and EU GDPR.

View course ➔

PECR for Marketers Training Course

PECR – ePrivacy
Included in PLUS

Specialist training for sales and marketing teams that will teach them how to comply with PECR (Privacy and Electronic Communications Regulations) and the incoming ePrivacy regulation.

View course ➔

How much will getting it wrong cost you?


Non-compliance with data privacy laws like GDPR can be costly. Under Part 6 of UK GDPR, a fine can be issued of up to £17.5 million or up to 4% of total global turnover whichever is higher. Most fines fall down to human error. Often a result of a misunderstanding or simply forgetting how the rules work. Effective training can greatly reduce this risk. Other issues with non-compliance include:

  • Investigations
  • Personal liability
  • Reputation damage
  • Losing out on investment
  • Failing supplier due-dil
  • Ethical issues
  • Data deletion orders

Join this course

Single Course

£18.50 per seat

Measured Collective Plus

  • Access to all paid courses.
  • Extended access, one annual payment.
  • From £236 per team (includes 20 seats) – extra seats charged at £7.90 per year.

Want to license this course for your LMS? SCORM format is available. Connect with our sales team.