IDM Award in GDPR

(Award GDPR) - This course is ONLINE, e-learning

The Award in GDPR will give you a clear understanding of the main legal requirements and information to make sure your marketing activities involving personal data are compliant to the GDPR and DPA18.

During your qualification in the GDPR, you will learn to:​

  • Process personal data under the GDPR
  • Obtain marketing permission
  • Select the most appropriate lawful basis to process personal data
  • Be compliant to the principles of data protection
  • Notify individuals about the use of profiling
  • Upholding the rights of individuals to control their personal data
  • Store the personal data you collect
  • Be compliant during cross-borders marketing campaigns
  • Minimise the impact of a personal data breach and communicate it to the relevant authority as well as to the individuals affected by it.





Online (35 CPD hours)

Get in touch...

To discuss your options, please get in touch with one of our learning and development team:

Course Availability

StartStudy ModeLocationCourse Fee

NB: All prices above are shown in Singapore Dollars (S$) and are subject to GST at prevailing rates.

Qualification Information

  • GDPR: a bit of context
  • How does the GDPR affect the processing of personal data?
  • How does GDPR apply to cross-border campaigns?
  • Data protection: the importance for marketers
  • Are consumers happy to share their contact data?
  • Case Study – The Guardian
  • GDPR concepts
  • GDPR key-terms
  • Have the principles of data protection changed?
  • How is the GDPR implemented?
  • Penalties under the GDPR – Examples
  • What are the definitions of personal data and data subject?
  • Identifiers
  • What are special categories of data?
  • Which lawful basis can I use for marketing?
  • The six lawful bases
  • Consent
  • Can consent be conditional?
  • Alternative to consent – Legitimate interest
  • Factors to consider when deciding between consent and legitimate interests
  • How do you communicate legitimate interests?
  • Profiling under the GDPR
  • Does profiling have legal effects?
  • What are the legal effects?
  • What are the rules for direct marketing profiling?
  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights relating to automated decision-making including profiling
  • What obligations do processors have?
  • Processors’ responsibilities
  • Contracts with processors
  • Non-compliant processors
  • What is accountability?
  • What does accountability mean for marketers?
  • Data protection for new products or services
  • What does the GDPR say about data security?
  • Mitigating risk to data privacy
  • Do you need to appoint a Data Protection Officer (DPO)?
  • Data mapping
  • Database requirements
  • What other records of processing must you keep?
  • What is a personal data breach?
  • Personal data breach notification process
  • Communicating with data subjects following a breach
  • Preparing for Brexit
  • Transfers of personal data from the UK to other EU countries
  • Transfers of personal data into the UK from EEA countries
  • International issues – Can you transfer personal data overseas?
  • Which regulator will we be answerable to for cross-border campaigns?

This course has been designed to provide you with the knowledge and skills you need to ensure you are developing your marketing strategies and activities in compliance with the GDPR and the other legal requirements. Throughout the course you will receive the theoretical foundation you need, together with useful templates and additional resources that you can implement in your day-to-day work.

This course is designed for the following people:

  • You are new to good practices around personal data
  • You use customer or stakeholder data to carry out marketing activities

Assumed knowledge

  • There is no assumed knowledge for this course

What this course is not:

  • This course does not constitute legal advice
  • It is an introduction to good practices around data for marketers
  • This course is not designed to train Data Protection Officers or replace legal advice

This is a practical course which is designed to take you through the main concepts of the GDPR, supporting you in developing your marketing campaigns in compliancy to the Regulation.

Each lesson will provide a practical demonstration of what actions you should take and which tools you could use.

Throughout the course, you will find exercises and templates which will help you in putting your learning into practice straight away. The course’s aim is to make sure you do not only know the theory but also develop a practical understanding of which actions you have to put in place to make sure you are compliant to the Regulation.


Enjoy the flexibility of devising your own personalised study routine with your programme deadlines via a stream of online content run over 12 months. You will receive email support and 24/7 access to course materials.
While we make every reasonable effort to make the course as up-to-date and relevant as possible, it should not be used as a substitute for legal advice. If you have any questions on how the GDPR affects your business you should seek independent legal advice. All views expressed are the opinion of the tutor or speaker and may not represent the view of The IDM.

Is this the right course for me?

The online GDPR award is ideal for professionals currently employed in commercial and public sector companies across all sectors, including professional services and not for profit. Equally agencies, consultancies and suppliers servicing their data management needs will benefit by enrolling staff.

Data professionals

Data professionals within client organisations, including database and data managers, data stewards, data analysts, data planners, data protection officers, data quality managers, data processing managers – all of whom advise, influence, co-ordinate, manage or direct data policies and processes.

Marketing professionals

Marketing professionals – client, agency or supplier side – who wholly or partly have responsibility for data collection, storage and use, and whose effectiveness is dependent on best practice data management. This includes managers and executives in marketing, direct marketing, digital marketing, CRM, e-commerce and customer insight.

John Mitchison – Director of Policy and Compliance at The DMA (UK) LTD

John has extensive knowledge of the data and marketing industry, with over 20 years of experience. Since 2012, John Mitchison has been the Director of Policy and Compliance. During this time he has worked closely with a variety of stakeholders within the industry providing expert advice and support to organisations dealing with the legal, compliance and policy-related changes affecting their businesses, as well as contributing guidance to many industry and government working groups and committees. Before joining the DMA, John worked at Acxiom and before that the Daily Telegraph, where his roles involved managing large data campaigns.

Janine Paterson – Solicitor & Legal Manager at the DMA group

Janine Paterson works for the DMA as Solicitor and Legal Manager. She joined the DMA in June 2007 and her role includes running the legal team which offers advice to members on legal matters affecting the direct marketing industry including data protection, consumer law and prize draws and competitions. Janine regularly contributes to DMA member communications on a variety of subjects affecting the direct marketing industry and responds to both Government and European consultations, undertaking lobbying on behalf of the interests of DMA members. Before joining the DMA, she spent 10 years as a Senior Lawyer with the UK’s largest independent consumer body. She holds a Master of Laws degree from Brunel University.

Enquire Now

To learn how we look after your data please see our privacy notice.