ICO reporting, the time and effort required to respond to complaints and potential fines means Regular Data Protection Training, PECR Training and GDPR Training is essential.

Regular data protection training, GDPR training, PECR training, helps avoid data protection breaches. Our high value high impact training is recommended

Our guide on data protection training frequency should be read and our suggestions considered.

Our data protection training courses are high quality and high impact, They deliver real understanding and improved compliance. They are very affordable and offer high value.

We cover provide all aspects of Data Protection Training including – GDPR, PECR, DUAA, Privacy by Design and Data Protection Impact Assessment Training.

What is Data Protection?

Data protection is the process of safeguarding important information from corruption, compromise, or loss, while ensuring personal data is handled lawfully, transparently, and securely. It involves adherence to legal frameworks and approaches, that help organisations to process data in a responsible manner and give individuals control over their personal data. Key legislation and good practice includes:

The Data Protection Act 2018,
The GDPR (General Data Protection Regulation)
The Privacy and Electronic Communications Regulations (PECR) 2003)
The DUAA (Data (Use and Access) Act 2025
Privacy by Design
Impact Assessment

We provide high quality training on all of the above

What is the Data Protection Act 2018?

The Data Protection Act 2018 (DPA 2018) is the UK’s primary legislation governing data protection, working alongside the UK GDPR to regulate how personal information is used. It empowers individuals with rights over their data, mandates secure handling, and holds organizations accountable for processing personal information

What is The UK GDPR (General Data Protection Regulation) ?

GDPR stands for General Data Protection Regulation. It is a comprehensive data protection law that came into effect on 25 May 2018, replacing the outdated Data Protection Directive from 1995. It is one of the toughest privacy and security law in the world. It harmonises European data privacy laws, protect citizens’ personal information, and governs how organizations manage and use data. It applies to any organization targeting or collecting data from people in the EU/EEA.

What is the UK PECR (The Privacy and Electronic Communications Regulations (PECR) 2003?

This legislation is less well known than the UK GDPR. It derives from European law and sits alongside the GDPR. It governs electronic marketing, cookies, and communications security. The legislation applies to all businesses sending marketing emails/texts, making calls, or using tracking technologies (cookies). Compliance is enforced by the Information Commissioners Office (ICO). More fines and penalties are issued for PECR breaches than GDPR breaches

What is The Data (Use and Access) Act 2025 – DUAA?

The Data (Use and Access) Act 2025 (DUAA) is a UK law that updates the UK GDPR, Data Protection Act 2018, and PECR to promote economic growth, reduce administrative burdens for businesses, and facilitate data sharing while maintaining protection standards. It introduces “recognized legitimate interests,” simplifies Subject Access Requests (SARs), and sets new rules for automated decisions.

What is Data Protection Privacy by Design?

Privacy by Design is an approach to data protection where data protection considerations are considered at every stage of any new policy, procedure, process or activity. That is to say data privacy is embedded into the very design and operation of any or all business process, rather than data privacy and compliance being reviewed after the policy and procedure is written.

What is a data protection impact assessment?

Data Protection Impact Assessment (DPIA) is a structured process that enables organisations to evaluate, identify and minimise data protection risks for any policy, procedure, process, project or activity. It is particularly useful for high-risk projects. It requires documenting the data processing, assessing necessity and proportionality, managing risks to individuals’ rights, and implementing mitigation measures.

Why is Data Protection Training Important?

Data protection training is important because most breaches occur due human error, the legislation not being understood, company policies and procedures being ignored or data protection not thought about. Regular training increases data protection awareness and understanding and in doing so reduces the risk of data protection breaches. We recommend annual training for all staff with repeat training after any breach, the nature, focus and duration of the training being risk assessed. Training is very low cost compared with the potential fines for data protection breaches being £17.5 million or 4% of global turnover.

Whilst most of the headline news around GDPR/PECR breaches and fines relates, to website hacking behind the scenes analysis of the actions and fines issued by the Information Commissioners Office (ICO) shows that most breaches are down to human error. That is to say poor understanding, a lack of adherence, bad judgments and naivety remain common place drivers behind the penalties imposed by the ICO.

The huge number of data protection breaches that occur each year coupled to the follow-on consequences, in terms of time, cost and adverse publicity mean that high quality annual data protection training, especially for data protection officers and management, is essential.

What does Concrew Training Offer in terms of Data Protection Training?

Concrew Training has been delivering data protection training since 2014. We offer one-day courses that cover each of the above aspects of legislation and good practice. These can be delivered online or at your premises. We can tailor content to the needs of Data Protection Officers, Directors, Senior Leaders, Line Managers and Staff. We can combine individual one-day modules to create more comprehensive training courses or condense to key issues, such as breach prevention for staff.

What Free Data Protection Resources does Concrew Training Provide?

All our courses are supported by reference documents and toolkits. These are copyright protected and not in the public domain, we also provide a small range of publicly available “free guides” – see our website to download PDF versions

Summary

Our high quality GDPR training helps management and staff understand the danger points and how they, individually and as teams, can help prevent breaches and the time and reputational damage that follows. Breaches need to be investigated, those at risk notified and, in many cases, reported to the ICO. As a minimum, organisations can expect to be instructed to strengthen procedures and train staff so it makes sense to act proactively and train staff in data protection before the breaches occur.

MORE - Data Protection Courses

Data Protection, GDPR, PECR and DUAA Reference Guides

Data protection is the process of safeguarding important information from corruption, compromise, or loss, while ensuring personal data is handled lawfully, transparently, and securely. The legislation is complex and the protentional fines for breaches huge. our Data Protection, GDPR and PECR training courses bring you up to date with the latest developments and help you make sure you are 100% compliant. Our reference documents provide outline guidance.

Data Protection Complaints Policy Template & Guidance

All organisations are required to publish their policy and procedure for make a complaint about the organisations data protection. This free to use reference document and template is free to download and use

GDPR Necessary, Fair and Transparent Explained

Before an organisation or business processed any personal data it has to ensure there is a legal basis for processing. It has to be necessary, fair and transparent. Many organisations fail to meet these requirements are put themselves at risk. Find out more about good process in this reference document

How frequent should GDPR Data Protection Training be?

This a frequently asked question and one we attempt to answer. The one over-arching answer is to risk assess, many find this too vague so we try to be more helpful in this guide

The ICO guide to the PECR – PDF

The ICO is responsible for overseeing adherence to the PECR. This PDF document summarises all, alternatively see the ICO website

FAQ - Frequently Asked Questions about this Training

If you can’t find the answer you’re looking for, feel free to contact our support team.

Why should you use Concrew Training?

Specialist HR, Employment Law & Compliance training provider
We reference to official Government bodies such as ACAS, ICO, EHRC
Content tailored to your policies and procedures
CPD certificates included
12 months of post-course support
UK-wide delivery
Online and face-to-face options
Open and transparent pricing

What information is available on course content?

We publish detailed course overviews for all courses. These provide indicative content based on the course learning plans. Final content is tailored to each client’s individual requirements.

What other information is available on individual courses?

Free reference guides and resources to help employers evaluate training quality and improve workplace compliance

Downloadable resources available via our website
Customer feedback and testimonials published on our website

Can you include our company policies and procedures in the training?

Yes. We actively encourage this approach. Including your policies and procedures helps demonstrate how, where, and why good practice applies within your organisation. This contextualises the learning, improves engagement, and increases the practical value of the training. There is no additional charge for incorporating your policies and procedures.

How long do Concrew Training courses last?

Standard courses: 6 hours of learning (approx. 7 hours including breaks)
Condensed 3-hour sessions available
Extended sessions or multi-day programmes available

How many people can attend each course?

Online courses: up to 15 participants
Face-to-face courses: up to 20 participants
Whole workforce awareness sessions: available for larger groups

Where does Concrew Training deliver training?

Online: via your preferred video conferencing platform (Zoom, Teams, etc.) across the UK
Face-to-face: on your premises in England, Scotland, and Wales

How much does your training cost?

Typical prices range from £800 to £2,000 excluding VAT. Final cost depends on course duration, location, number of participants, and payment terms.

Full pricing details available on our website
No hidden charges
Formal quotations remain valid for 30 days

What are your courses like?

Our courses are delivered as interactive workshops rather than traditional lectures, and typically include:

Subject specialist input
Interactive quizzes
Group discussions
Practical exercises
Real-world case studies

We incorporate your organisation’s policies and procedures wherever possible to ensure the learning is relevant, engaging, and immediately applicable.

Who delivers the training?

Training is delivered by experienced subject specialists with extensive knowledge in their field. Our trainers:

Have significant practical experience
Can answer most participant questions during the session
Provide follow-up responses for complex questions
Are skilled facilitators who make technical subjects engaging

Do you issue CPD certificates?

Yes. All participants receive a CPD certificate detailing learning hours completed and headline course content.

Who uses your training services?

We work with organisations of all sizes, including:

Large international organisations
Public sector employers
Charities and not-for-profits
SMEs and local businesses

Attendees commonly include directors, senior leaders, HR professionals, operational managers, line managers, employee representatives, and staff teams. Customer feedback and testimonials are available on our website.

Why should I book a Concrew Training course?

Our training is:

Delivered live by subject specialists
Designed for real-world application
Suitable for teams of up to 20 participants
Available face-to-face in England, Scotland, and Wales
Available online across the UK
Practical, engaging, and immediately applicable
High-quality and competitively priced

Suitable for directors, senior leaders, HR teams, operational managers, line managers, staff teams, and employee representatives.

How far in advance should we book training?

We recommend booking training 2–3 months in advance. Availability is generally good with a three-month lead time. Dates are only reserved once a booking is confirmed. Short-term bookings may be limited.

How do I book a course?

Complete our quote request form
Receive a formal quotation and provide any delivery details
Confirm your booking
Receive a formal Delivery Confirmation and “What Happens Next” guidance

Is there anything else I will need to do?

For online courses

Schedule the event on your video conferencing platform
Share joining details with attendees
Provide the trainer profile and course overview

For face-to-face courses

Book the room/venue and required equipment
Share trainer details and course overview with attendees
Print and provide handouts to the trainer prior to the session

After the course

Distribute post-course handouts and CPD certificates

How does your 12-month post-course support service work?

Email us with any training-related questions that arise following the course. We provide guidance and support relating to the training content covered.

Note: This service is not a substitute for legal advice.

What happens if I have more questions?

We’re here to help. You can contact us at any stage before, during, or after your training programme, and we will be happy to answer any questions you may have.