Hero Image

EU GDPR TRAINING

IAPP Certified Information
Privacy Professional Europe (CIPP/E)

CIPP/E is the essential GDPR qualification for data protection officers
and practitioners with EU/EEA data processing operations

Book Now

Course Features

Official IAPP CIPP/E textbooks

4-hour online sessions

Live, interactive Instructor-led training

Unlimited 1-2-1 coaching

Exam preparation

CIPP/E exam voucher

1st year IAPP membership

Course Overview

The IAPP Certified Information Privacy Professional Europe (CIPP/E) is the leading independent qualification covering European privacy laws. The CIPP/E is suitable for mandatory appointed data protection officers (DPOs) and other compliance professionals who are required to maintain their expert-level of knowledge of the relevant laws and regulations. By obtaining the CIPP/E certification, practitioners can significantly improve their career prospects and lifetime earnings. 

Since the EU General Data Protection Regulation (GDPR) entered into application on 25 May 2018, the protection of personal data has become a board-level priority for organisations around the world. With its mandatory requirement to appoint DPOs, the need for suitably qualified practitioners to ensure data processing operations are compliant has grown significantly. To meet the demand for skilled practitioners, the IAPP introduced the CIPP/E credential, one of four professional certifications in the CIPP programme. The three other versions cover the laws and regulations that apply in the US private sector (CIPP/US), Canada (CIPP/C) and Asia (CIPP/A).

The CIPP/E provides DPOs and other industry practitioners involved in GDPR compliance or privacy-based roles with comprehensive knowledge of the European data protection legislative framework from its early beginnings in the 1980s through to the GDPR, the EU Directive on Privacy and Electronic Communications (ePrivacy Directive) and other related legislation, such as the EU Data Governance Act and the EU Artificial Intelligence Act. CIPP/E award holders will develop detailed knowledge of all aspects of privacy and data protection across the EU, including key terminology and practical concepts concerning the collection, processing, storage, use, transfers, sharing, disclosure, and disposal of personal information in today's digital economy.

The syllabus (body of knowledge) consists of three separate sections. The first section is the introduction to European data protection, which covers the institutional background and the legislation. The second section addresses European data protection laws and regulations, while the third deals with compliance and the application of the law in certain situations.

This IAPP-accredited CIPP/E course is delivered online, although onsite and online in-company options are also available. Delegates can gain a recognised practitioner-level workplace qualification at home or from their desk by attending four consecutive 4-hour live online sessions across one week. This IAPP course prepares participants for the 150-minute multiple-choice IAPP Exam.

Course Costs

Attend the IAPP Certified Information Privacy Professional Europe (CIPP/E) training course:

£1,495.00 + VAT

  • 10% discount for subscribing to our PrivacyNewsfeed & Training Announcement Newsletters
  • Book a second IAPP course and save up to £650.00 + VAT - contact for more information.
  • In-company options available for teams of 6 or more

IAPP training package includes:

  • 4 x 4-hour live online sessions across 4 days, or
  • 2 days for a traditional classroom setting
  • Authorised IAPP instructors
  • IAPP CIPP/E examination voucher
  • 1-2-1 coaching and support
  • 1st-year IAPP professional membership

Course materials:

Book Now

Intended Audience

The IAPP Certified International Privacy Professional Europe (CIPP/E) is suitable for those individuals with the following roles or responsibilities:

  • Data Protection Officers (DPOs)
  • Data Protection Professionals
  • Data Protection Lawyers
  • Compliance Professionals
  • Information Managers
  • Records Managers
  • AI Governance Professionals
  • Data Governance Professionals
  • Human Resources Managers
  • Marketing Managers
  • Security Managers
  • Anyone involved with data protection processes and programmes

Learning Outcomes

By obtaining the IAPP CIPP/E, individuals will learn:

  • Introduction to European Data Protection
  • EU Legislative Framework
  • Compliance with European Data Protection Law and Regulation
  • The role of the Data Protection Officer
  • Legal basis for processing
  • Cross-border data transfers
IAPP CIPP/E Body of Knowledge

This accredited CIPP/E training course is delivered online over 4 consecutive morning sessions (or 2 full days when provided in-company). 

The IAPP ensures the CIPP/E Body of Knowledge (BoK) is always relevant and up to date through consultation with its global community of information privacy practitioners and lawyers.

The CIPP/E is certified by the ANSI National Accreditation Board (ANAB) under ISO17024: 2012.

The following is extracted from the CIPP/E BoK version 1.3.1: 

Part 1: 
Introduction to European Data Protection
Origins and Historical Context of Data Protection Law:
   â€¢ Rationale for data protection
   â€¢ Human rights laws
   â€¢ Early laws and regulations
   â€¢ The need for a harmonised European approach
   â€¢ The Treaty of Lisbon
   â€¢ Convention 108+
   â€¢ Brexit
European Union Institutions
   â€¢ European Court of Human Rights
   â€¢ European Parliament
   â€¢ European Commission
   â€¢ European Council
   â€¢ Court of Justice of the European Union
Legislative Framework
   â€¢ CoE Convention (1981)
   â€¢ EU Data Protection Directive (95/46/EC)
   â€¢ EU Directive on Privacy and Electronic Communications (EU) 2002/58/EC (ePrivacy Directive)
   â€¢ EU Directive on Electronic Commerce (2000/31/EC)
   â€¢ General Data Protection Regulation (GDPR) (EU) 2016/679
   â€¢ Payment Services Directive 2 (PSD2) (EU) 2015/2366
   â€¢ Data Governance Act (DGA) (EU) 2022/868
   â€¢ NIS Directive (2016) & NIS 2 Directive (EU) 2022/2555
   â€¢ Regulation (EU) 2018/1725
   â€¢ EU Artificial Intelligence Act (2021)
Part 2: 
European Data Protection Law and Regulation
Data Protection Concepts:
   â€¢ Personal data
   â€¢ Special categories of personal data
   â€¢ Pseudonymous and anonymous data
   â€¢ Processing
   â€¢ Controllers & Processors
   â€¢ Data subjects
Territorial and Material Scope of the General Data Protection Regulation
Data Processing Principles:
   â€¢ Fairness and lawfulness
   â€¢ Purpose limitation
   â€¢ Proportionality
   â€¢ Accuracy
   â€¢ Storage limitation (retention)
   â€¢ Integrity and confidentiality
Lawful Processing Criteria
Information Provision Obligations
Data Subjects' Rights
Security of Personal Data
   â€¢ Appropriate technical and organisational measures
   â€¢ Breach notification
   â€¢ Vendor Management
   â€¢ Data sharing
Accountability Requirements
   â€¢ Responsibility of controllers and processors
   â€¢ Data protection by design and by default
   â€¢ Documentation and cooperation with regulators
   â€¢ Data protection impact assessment (DPIA)
   â€¢ Mandatory data protection officers (DPOs)
   â€¢ Auditing of privacy programmes
International Data Transfers
   â€¢ Rationale for prohibition
   â€¢ Adequate jurisdictions
   â€¢ EU-US transfer mechanisms (Safe Harbor, Privacy Shield, and the EU-US Data Privacy Framework (DPF))
      - Implications of Schrems decisions
   â€¢ Standard Contractual Clauses (SCCs)
   â€¢ Binding Corporate Rules (BCRs)
   â€¢ Codes of Conduct and Certifications
   â€¢ Derogations
   â€¢ Transfer impact assessments (TIAs)
Supervision and enforcement
   â€¢ Supervisory authorities and their powers
   â€¢ European Data Protection Board (EDPB)
   â€¢ European Data Protection Supervisor (EDPS)
Consequences for GDPR violations
   â€¢ Process and procedures
   â€¢ Infringements and fines
   â€¢ Class actions
   â€¢ Data subject compensation
Part 3: 
Compliance with European Data Protection Law and Regulation
Employment Relationship
   â€¢ Legal basis for processing of employee data
   â€¢ Storage of personnel records
   â€¢ Workplace monitoring and data loss prevention
   â€¢ EU Works councils
   â€¢ Whistleblowing systems
   â€¢ Bring your own device (BYOD) programmes
Surveillance Activities
   â€¢ Surveillance by public authorities
   â€¢ Interception of communications
   â€¢ Closed-circuit television (CCTV)
   â€¢ Geolocation
   â€¢ Biometrics & facial recognition
Direct Marketing
   â€¢ Telemarketing
   â€¢ Direct marketing
   â€¢ Online behavioural targeting
Internet Technology and Communications
   â€¢ Cloud computing
   â€¢ Web cookies
   â€¢ Search engine marketing (SEM)
   â€¢ Social media platforms
     - Dark patterns
   â€¢ Artificial Intelligence (AI)
      - Machine learning (ML)
      - Ethical considerations


Exam Preparation Day

The topics covered in this CIPP/E exam preparation session include:

  • Exam technique
  • Timing
  • IAPP examination format
  • How to set up the exam space for online exams or what to expect if they are going to a test centre
  • How to read and answer IAPP exam questions properly
  • Group discussion covering any topics delegates want to revisit, along with any queries that have come up during revision.
  • Availability of the IAPP Practice exams paper and where to find it on the IAPP website and cost.

Following the examination prep day, the instructor will offer guidance for further study areas.

IAPP CIPP/E Examination

IAPP CIPP/E Exam information

IAPP exams have gained a reputation for being difficult to pass. Both Freevacy and the IAPP strongly recommend careful preparation, even for experienced professionals.

The following information about the CIPP/E examination is an extract from documentation provided to delegates by the IAPP. For the full details please review the IAPP Privacy Certification Candidate Handbook 2023 and the CIPP/E Examination Blueprint.

Exam Information

IAPP certification programmes are designed to differentiate between candidates who do and who do not possess the knowledge required to be considered minimally qualified privacy professionals. All questions are multiple choice with some relating to scenarios. Each question has only one correct answer. Each item (question) consists of a clearly written question (stem), a correct or best response (key) that should be apparent to minimally qualified candidates and three incorrect responses (distractors) that will be plausible to not-minimally qualified candidates. Note that it is each candidate’s responsibility to be prepared for exams by being familiar with all elements of the Bodies of Knowledge.

Candidates are advised to read each question carefully. The stem may be in the form of an actual question or an incomplete statement. An exam question may require the candidate to choose the most appropriate answer based on a qualifier, such as MOST likely or BEST.

Total number of questions90
Scored questions75
Exam duration2 hours 30 minutes
Passing score300 out of 500

Scoring

On all IAPP certification exams, each item has equal value and is scored as correct or incorrect. Unanswered items are considered incorrect, and there is no additional penalty for incorrect answers.

Special Accommodations

It is the policy of the IAPP to provide testing accommodations to candidates with qualifying disabilities to ensure each candidate a comparable opportunity for success on exams. We require 30 days notice in order to arrange special accommodations. Please do not schedule an exam until the IAPP approves your request. After exam purchase, submit your request and supporting documentation using the forms provided on the IAPP website.

Exam Languages

All IAPP examinations are administered in English. In addition, the CIPP/E exam is available in French and German.

Book Now

Our clients