Data Protection Resources

A selection of how-to guides and practical information designed to help organisations manage their privacy and data protection operations. Here you will find a mix of in-house developed resources for Data Protection Officers (DPOs) and GDPR Training Paths, combined with quick links to relevant legislation, the UK Information Commissioner's Office (ICO), European Data Protection Authorities, and a selection of industry bodies. This is a BETA release that will be developed over time to increase functionality.

Data Protection Officers Resource

The data protection officer (DPO) role is not new. However, under both the EU and UK versions of the General Data Protection Regulation (GDPR), the DPO has become a legally appointed position applying to the public sector and most businesses. This in-house developed resource provides a comprehensive assessment of the role of the DPO, how it evolved, what the position entails, and information about the criteria for making an appointment. There is also a section dedicated to businesses who choose not to assign a DPO.


A definitive guide


This in-house guide answers several questions about how to implement a comprehensive employee data protection learning and development programme. Part one looks at the advantages of de-centralised training when leveraging privacy champions and technologists in key roles throughout the organisation. Part two addresses the benefits of choosing recognised certified training qualifications for privacy professionals.


The term Information Rights relates to two specific areas of UK and EU law. It covers legislation governing how organisations handle personal information about us. It also covers the laws and practices that give us rights to access official information, often held by public bodies. The following section contains links to the Information Rights laws and regulations that apply to organisations operating in the UK.


The Information Commissioner's Office (ICO) is the UK's Supervisory Authority (SA) and the independent regulator responsible for upholding Information Rights. The ICO is a non-departmental public body sponsored by the Department for Digital, Culture, Media and Sport (DCMS). The following section contains several links to the ICO's website that will be helpful to organisations. A separate link is also provided to the Scottish Information Commissioner covering FOI and EIR.


Although the UK has now left the European Union, many businesses still have to abide by EU rules where they continue to trade in goods or services with the EU. The following section contains links to data protection webpages for a number of EU institutions and regulators.


The right privacy framework will provide a basic structure and offer guidance about how to integrate compliance requirements applicable to your organisation. They can help ensure you have the right compliance policies and procedures in place while providing the flexibility to adapt processes to suit your commercial requirements.


A selection of links to information management and data protection associations.

10% OFF

Save over £100 on all of our courses

Sign-up for our Privacy Newsfeed weekly newsletter to get your discount code. Receive additional offers by selecting training announcements option. Please choose your desired subscription option and then enter your details to subscribe.

Freevacy has been shortlisted in the Best Educator category.
The PICCASO Privacy Awards recognise the people making an outstanding contribution to this dynamic and fast-growing sector.