Data protection, digital policy and cyber security

Rated 4.9 out of 5

Data Protection Certification Course

Our certified Data Protection Certification course is designed to provide you with optimum preparation. It will answer your questions related to becoming a Data Protection Officer and high-level professional and it will help you deal with everyday data protection issues.

More information

About this course

Are you willing to step into the evolving technological landscape and become a cornerstone of data protection? At EIPA, our course is designed to empower you with the legal, practical, and strategic expertise required to excel as a Data Protection Officer in today’s era of accelerated digital transformation. As organisations reshape their operations in response to breakthrough technologies and data-driven innovation, data protection remains a foundational pillar, anchored by the General Data Protection Regulation and reinforced by emerging frameworks like the Artificial Intelligence Act.

You will experience hands-on, multidisciplinary training led by experts at the cutting edge of data protection, technology and policy. Using interactive case studies, peer discussion, and scenario-based exercises, you’ll master the skills needed to design or enhance compliance frameworks, tackle real-world data protection challenges, and support your organisation’s digital ambitions.

Join us in Maastricht or online to gain the skills and confidence to uphold data protection rights, strengthen data governance, and support your organisation’s compliance journey, equipping you for the multifaceted challenges at the heart of Europe’s digital revolution!

You will learn about:

The European legal framework for data protection (including the GDPR);
Key data protection concepts, principles and obligations;
Actors, roles and responsibilities;
The role of the DPO (Data Protection Officer), the EDPS (European Data Protection Supervisor) and the national supervisory authorities;
Severity assessment of data breaches and assurance role of the DPO (accountability, requirements and demonstrating compliance);
Cyber security, data protection audits, privacy and digital sovereignty;
Options and solutions for cross-border data transfer and third-country data transfers;
e-Privacy design and impact assessment;
Grounds for processing, including legitimate interest and consent;
The rights of data subjects and how to handle them.

Course methodology

We believe practical know-how is the key to effective learning. This course therefore includes:

Detailed explanations of the key concepts, principles, actors and roles in the field of data protection and security;
Role play and group exercises;
Preparatory workshop for the final certification examination (optional);
Insights with case-law examples;
Input and coaching on practical issues encountered by participants from the DPO network, European institutions and agencies, Europol, Eurojust, EDPS, national authorities and other data protection experts;
A highly interactive approach – the structure of the course will give you opportunities to ask questions and share experiences during the dedicated Q&A sessions.

To optimise your experience, we also recommend that you follow the optional preparatory workshop for the certification examination, when time will be devoted to a recap of the essentials, exercises, a discussion and a Q&A session.

You will be able to process and transfer personal data, and comply with data protection requirements in your day-to-day work.
You will be better aware of severity assessments of data breaches, data protection audits, cyber security and privacy.
You will have a thorough understanding of how things work in practice and a vision of the EU’s future in this field.
You will have a solid basis for continuous learning as a Data Protection Officer afterwards.
You will benefit directly from the insights of data protection experts and from networking opportunities during the online breaks.
You will obtain the EIPA attendance certificate.
You will take the EIPA Data Protection Certification examination.
You will be able to qualify as a data protection professional at European level.
You will develop your professional international network in the field of data protection.

After taking this course, you can join EIPA’s dedicated community of practice together with other, former participants. You will also have access to the course materials for a duration of three months after the course.

Data Protection Officers and other data protection professionals;
Legal and IT professionals;
Anyone, from either the public or private sector, with proven working experience in the processing of personal data;
Anyone who needs a certification at European level in order to advance their professional career;
Candidates who wish to take and pass the examination.

On completion of the course, participants can take part in an exam leading to the awarding of the EIPA Data Protection Professional Certificate.

A few details about the examination:

Examinees can use their own device to take the examination, but will be supervised (in-person or online).
The examination is a practical scenario-based question.
The examination can be taken twice a year at EIPA headquarters in Maastricht.
The examination lasts 2 hours.
The maximum score obtainable is 100 points and in order to pass the examination, examinees need to obtain 60 points
EIPA considers that the use of AI in responding to the test questions of the Data Protection Certification exam is not in line with the objective of the Data Protection Certification course and the purpose of this examination. An infringement of the EIPA AI Policy will invalidate the data protection certification.
Examinees will be asked to sign a declaration certifying their adherence to the AI Policy.

Examination process

Review
The examination board is composed of three members: one academic expert and two expert practitioners, one active under EUDPR and one under GDPR. The academic expert is the designated reviewer of the exam submissions, while the two expert practitioners lead the creation of the examination content. This general split between responsibilities is intended to strengthen the fairness in the review process. The academic expert will consult with the relevant practitioners’ colleagues in cases of uncertainties or appeals.

Language
The examination is offered in English only. The time limit for the examination is sufficient for the vast majority of candidates, including non-native English speakers. No points are deducted due to possible grammar or language mistakes.

Handling of exams
EIPA will take all available precautions to ensure the appropriate and secure handling of completed submissions.

Examination re-sit
In the event you did not manage to reach the set threshold and did therefore not pass the exam, you are offered the opportunity to do one examination re-sit for €150 within one year.

The Examination Board
The exam is under the supervision of an examination board. The examination board meets regularly to discuss the certification course requirements and approve the examinations. They discuss as needed to review and resolve any submitted certification appeals. The examination board consists of experts who have proven knowledge of and practical expertise in the field of data protection, one of whom will serve as chair.

Certificate validity
Data Protection issues continue to change, and it is very important to keep yourself ahead and update your knowledge regularly. Therefore, the EIPA certificate is valid for a period of two years. In order to update your knowledge and maintain the validity of your certificate you will need to attend EIPA’s refresher course on data protection every two years. You will receive an updated certificate after taking part in this.

You can find our full Certification policy here: www.eipa.eu/dataprotection.

Project number: 2511503

Hybrid course
Experience our course in a way that suits you best! This hybrid course offers the flexibility to join in-person or online through a live stream. In the registration form, you will have the opportunity to select your preferred option.

Face to Face venue
European Institute of Public Administration (EIPA)
O.L. Vrouweplein 22
6211 HE, Maastricht
the Netherlands

Project Officer
Marieke Lardinois
Tel: +31 (0)43 32 96 205
m.lardinois@eipa.eu

Fee
The fee includes documentation, refreshments, lunches, and a dinner. Accommodation and travel costs are at the expense of the participants or their administration.

Discounts
EIPA member fee
EIPA offers a discount to all civil servants working for one of EIPA’s supporting countries, and civil servants working for an EU institution, body or agency.

Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden.

For all other participants, the regular fee applies

Loyalty coupon
As a token of appreciation we offer all our participants a loyalty coupon for one of our future courses. The offer can be shared with colleagues and relevant networks. The coupon will expire one year after its release. This discount is not cumulative with other discounts, except for the EIPA member fee.

Meals
Dietary preferences can be indicated on the registration form.

Hotels
EIPA has a special price arrangement with a few hotels. The hotels are within walking distance from EIPA. Payment is to be made directly and personally to the hotel upon checking out.

Derlon If you wish to take advantage of this special price, please click on the hotel name to book directly using the link
info@derlon.com
+31 (0)43 321 67 70
Townhouse If you wish to take advantage of the special price, use the word ‘EIPA’ in the promotion code field
info@townhousehotels.nl
+31 (0)43 323 30 90
Mabi If you wish to take advantage of the special price, use the word ‘EIPA’ in the promotion code field
info@hotelmabi.nl
+31 (0)43 351 44 44
Kaboom Hotel If you wish to take advantage of the special price, use the word ‘EIPA’ in the promotion code field
info@kaboomhotel.nl
+31 (0)43 325 33 40
Leonardo Boutique Hotel
reservations.maastrichtcitycenter@leonardo-hotels.nl

Confirmation
Confirmation of registration will be forwarded to participants on receipt of the completed online registration form.

Payment
Prior payment is a condition for participation.

Cancellation policy
For administrative reasons you will be charged €150 for cancellations received within 15 days before the activity begins. There is no charge for qualified substitute participants. EIPA reserves the right to cancel the activity up to 2 weeks before the starting date. In that case, registration fees received will be fully reimbursed. EIPA accepts no responsibility for any costs incurred (travel, accommodation, etc.).

A few days before the start of the course you will receive the log-in details for accessing the course materials. You can log in here.

Download the brochure

Our experts

See profile

Project leader

Florina Pop

Data Protection

See profile

Elisa Moro

Council of the European Union

See profile

Emma Rodríguez Montes

European Union Intellectual Property Office (EUIPO)

See profile

María Verónica Pérez Asinari

Programme

08.30	Registration of participants/Opening of the online platform for online participants
09.00	Introduction to the course Florina Pop, Senior Expert/Data Protection Expert, EIPA, Maastricht (NL)
09.30	Data protection: the basics and the European legal framework. Elisa Moro, Data Protection Officer, Council of the EU, Brussels (BE)
10.15	Q&A
10.30	Coffee Break
11.00	Data protection: key principles and lawfulness Elisa Moro
11.45	Q&A
12.00	Lunch at Hotel Derlon
13.30	Main Players in Data Protection: Data Controller-Joint Controller-Data Processor Emma Rodríguez Montes, Data Protection Specialist in the Data Protection Office, EUIPO, Alicante (ES)
14.15	Q&A
14.30	Coffee Break
15.00	Data Subjects Rights – Part I Maria Veronica Pérez Asinari, Head of Sector Data Protection Advice at European Commission DG CONNECT, Brussels (BE)
16.00	Coffee Break
16.30	Data Subjects Rights – Part II Maria Veronica Pérez Asinari
17.45	Q&A
18.00	End of the Day

08.45	Opening of the online platform for online participants
09.00	The role of the Data Protection Officer (DPO): skills and daily work basis Diana Alonso Blas, Data Protection Officer, Eurojust, The Hague (NL)
10.00	Coffee Break
10.30	Workshop on the role of the DPO (Case studies) Diana Alonso Blas Gloria Folguera Ventura, Data Protection Officer, EUIPO, Alicante (ES)
11.30	Q&A
11.45	Information on the certification examination and Q&A Maria Veronica Pérez Asinari, Rosa Barcelo, Global Privacy and Cybersecurity Partner at McDermott Will & Emery, Brussels (BE) – online Björn Hölbling, Digital Officer, EIPA, Maastricht (NL)
12.30	Lunch at EIPA’s restaurant
13.30	Data Protection Risk Framework: Evaluation and Control inside your Organisation Gloria Folguera Ventura
14.15	Q&A
14.30	Coffee Break
15.00	Supervising data protection compliance: The role of the data protection authorities. Examples from EU institutions TBC
16.00	Q&A
16.15	Supervising data protection compliance: The role of the data protection authorities. Examples from National Administrations (EDPB+ DPA) Jekaterina Macuka, Director at Data State Inspectorate of the Republic of Latvia, Riga
17.00	Q&A
17.15	End of the day
19.00	Dinner

08.45	Opening of the online platform for online participants
09.00	Cross-border data transfers – options and solutions Diana Alonso Blas
10.15	Coffee Break
10.45	Group exercise: cross-border data transfers in practice (interactive session 1) Diana Alonso Blas
11.30	Group exercise: cross-border data transfers in practice (interactive session 2) Diana Alonso Blas
12.15	Q&A
12.45	Lunch at Hotel Derlon
14.15	Data Protection Impact Assessment Maarten Daman, Data Protection Officer, European Central Bank (ECB) & European Systemic Risk Board (ESRB), Frankfurt (DE)
15.15	Q&A
15.30	Coffee Break
15.45	The present and the future of the DPO: framework AI implementation for DPOs Maarten Daman
16.30	Q&A
16.45	Coffee Break
17.00	ePrivacy Directive – Part of the Comprehensive Data Protection Framework Rosa Barcelo
17.45	End of the day

08.45	Opening of the online platform for online participants
09.00	Data protection and data security: it’s all about the protection of information Daniel Drewer, Data Protection Officer, Europol, The Hague (NL)
10.00	Q&A
10.15	Coffee Break with Limburg Treat
10.45	Data protection audit: only nice to have or a must for DPOs? Daniel Drewer
11.45	Q&A
12.00	Lunch at EIPA’s restaurant
13.15	Current cyber threat landscape Muyiwa Olufon, Chief Information Security Officer (CISO), Flutterwave Nairobi (KE/NL)
14.00	Data breaches: accountability of the DPO as assurance provider (Interactive session) Daniel Drewer and Muyiwa Olufon
16.00	Coffee Break
16.15	Workshop: preparing for the certification examination Rosa Barcelo Maria Veronica Pérez Asinari
18.00	End of the day

08.45	Opening of the online platform for online participants
09.00	Entrance & getting installed
09.30	Certification/Re-sit examination
11.30	End of the examination
11.45	Take-away lunch

Why you should book this course

You must accept targeting cookies to view this content.

What former participants say

Rated 5 out of 5

Gonçalo Felgueiras e Sousa

The June 2025 EIPA data protection course was excellent overall. The topics covered were all pertinent and no key aspect was left unaddressed; the presenters/trainers were particularly knowledgeable about the subject matter and had in general very good and, in some cases, outstanding communication skills; the supporting PPT slides were very informative, well-structured and the pdf files a good reference for retaining/consolidating knowledge; the organisation was excellent, the scheduled/time respected and the availability of the materials through the online platform was very helpful. In short, congratulations for the work done, for putting together such a great team of professional and thank you for the excellent contribution to my work on data protection.

DPO - European Union Drugs Agency

Rated 5 out of 5

Sapto Widyatmiko

Great opportunity to get enlightenment about personal data protection: concept and practices in Euro based on GDPR and EUDPR.

Data Quality and Dissemination of Statistics - Bank Indonesia

Rated 5 out of 5

Adriana León

Great opportunity to develop one's data privacy and information security skills both coming from the public and the private sector. Highly recommended.

RSB - Roundtable on Sustainable Biomaterials Association

Rated 5 out of 5

Agnieszka Andrzejewska

Highly recommended. I did my Data Protection certification in June 2022 and I can only recommend this course to everyone interested in Data Protection. It is very well organised, provides in-depth analysis of the topic, interesting Workshops and discussions and certification examination at the end of the course.

Expert - Human Resources and Legal Advice - European Environment Agency

Rated 5 out of 5

Paul Amiss

Brilliant course, especially good was the depth and breadth of the lecturers, real experts in their areas and extremely enthusiastic and committed to help you truly to get grips with the complexities of GDPR

Vice President Data Analytics and Deployments - Liberty Global

Rated 5 out of 5

Pascale Liessens

This DPO course is perfect for both beginners and more advanced professionals. It provides a good foundation of knowledge, but also, thanks to the talent of the speakers and the interactivity with the participants, an in-depth understanding of particular topics. It is also very well structured and organised. I highly recommend it. Thank you!

IT Project Officer - Smalls

Rated 5 out of 5

Javier Reyes

I recommend without reservations the DPO certification course by the EIPA. It is both theoretically impeccable and practically rich. Most importantly, it is imparted by seasoned professionals who share real life applications of what otherwise you will only read in textbooks. It’s worth every penny!

Data Protection Officer - Apex Fund Services, S.A. Luxembourg

Rated 5 out of 5

Daniel Granqvist

A great course which made the most out of the limited time of one week. There were great lecturers, a tight but nice schedule, enough time to socialize with other participants, all set in a beautiful town in the centre of Western Europe. The only weak part was the coffee.

Pedro Miranda

Overall the course is good, but in my opion to focused in the European Institutions and not in the private sector.

Rated 5 out of 5

Pierre Langlois de Bazillac

Excellent course.

Rated 5 out of 5

Johannes Hintzen

Great course which was organised at the right time!

Rated 5 out of 5

Ignacio DEL CAMPO

It is an excellent training ! Great organization and very useful.

Rated 5 out of 5

Luca Furlotti

The course was very well organised; all presenters were highly knowledgeable; presentations very effective and to the point. EIPA team were very supportive and friendly. One important aspect has been the possibility of networking with your colleagues from all around of Europe (EU institutions and the private sector). Social events/dinners were organised in very nice places. Indeed, I was surprised about the quality of the food! I definitely recommend this course to who needs a deep knowledge of the GDPR.

Rated 5 out of 5

Reesa Paatsi

I would recommend this very good course to private sector lawyers with already some experience in the data protection field. You may attend the course without any previous knowledge, but to a more experienced lawyer the fantastic line of speakers gives an excellent opportunity to rise discussions in more complex matters and actually get answers that help to solve the matters. Additionally, I would say that, having a lot of experience with similar course programs, this one was very well organized and left a feeling that it was time well spent. I do hope that EIPA will offer additional expert level courses in the future.

Rated 5 out of 5

Rolf Espen Riktor

Thanks for a great week with in-depth covering of all the aspects of the EU's new General Data Protection Regulation + quite a lot of other related information. It was a tremendous lot of information to assimilate during one short week, but with the help of great tutors, in-depth discussions with fellow students, practical exercises and workshops, and comprehensive presentations, I feel that it was possible to assimilate the essence of the material and that I now have a good platform for further development of my skills in this area and thus beeing able to render my clients with useful services and advice:)

Rated 5 out of 5

Paul Brett

A really great course with varied presenters from across the spectrum of Data Protection. The organisation of the course was excellent and the location in Maastricht was fantastic. I felt the course offered a lot of opportunities to network and to benefit from the experience and knowledge of fellow participants. Would highly recommend it to anyone with an interest in Data Protection.

Rated 4 out of 5

Carlos Fernandes

Course that addresses the main themes of the General Data Protection Regulation, with a good balance between theory and practice.

Rated 4 out of 5

Mark Bohan

A very detailed course on GDPR and European Regulations. It will be of particular interest to those in EU Institutions or in Public sector organisations.

Rated 5 out of 5

Paulo Costa

Very good overall course that I would highly recommend to those who want to improve their Data Protection skills. On a side note, I would advise further marketing effort on the private sector thus increasing the quality of the examples and networking opportunities.

Rated 5 out of 5

Jose Antonio Garrido Otaola

The course was very well organized by EIPA (logistics, meals, documentation, final exam, etc.) and the lecturers were real experts who shared their knowledge and experience in data protection matters in a very practical and enthusiastic way. I really liked this course and would like to recommend it to anyone who has to work in this area.

Rated 5 out of 5

Lídia Silvestre

This is a very useful course with great lecturers, which is very well organized.

Rated 5 out of 5

Hadiza Ali Dagabana

An excellent program. I was overwhelmed with the number of experts with practical experience on Data Protection. It was an eye opener and a great experience. I took down two sets of notes, one for my pre-exam revision and the 2nd for my to do list. I kept reflecting on my organisational processes and policy documents, what I learnt will go a long way in making my organisation up to date with international best practices. On the soft side of the program, keep up the good planning. Congratulations to the whole team!

Rated 5 out of 5

Kaipichit Ruengsrichaiya

A well-structured course on Data Protection, ranging from understanding the philosophy and core objectives to applying the methods suggested in GDPR. The experts are very helpful and willingly share insights of the topics and practices. The peers are excellent and dynamic. Discussions both in and out of the classes are indeed helpful to clarify the insights and applications of them. Very helpful team of organisers and supporting staffs. Very impressed with the course.

Rated 5 out of 5

Miguel Ruiz Sanchez

Among the many other Data Protection trainings I've attended I found EIPA's a great source of information. Nevertheless, the key success factor here is the way the training is developed and implemented. You'll not find a mere revision of GDPR (and other related data privacy laws) contents, but how they have been implemented by the panelists in their respective fields of knowledge and current professional roles, mostly in EU institutions. The approach given to the sessions (combining theoretical and practical information) makes it easy to understand the sharpen topics of the law. A special mention to the high level of knowledge from my colleagues (coming mostly from public bodies and institutions) that enriched debates. The schedule was really tough and intense but also lightened by social events and networking spare time. Highly recommendable.

Rated 5 out of 5

Ilga Mozule

A well built course, very much worth it - the topics of lectures take you through the main components of Data Protection, crucial institutions, complex issues, the current state of affairs, future trends. The lecturers are professionals representing key European institutions. Discussions flow freely alongside theory and includes group work as well as plenty networking with your peers.

Rated 5 out of 5

Maria Inês Seabra Moura

I was positively surprised with this course. I had the opportunity to learn from the best-of-the-best in the field of Data Protection which was both an overwhelming and enlightening experience! The course programme accomplished the challenging task of balancing practical and theoretical content. I could also benefit from the extraordinary diversity of the colleagues with so many different experiences, knowledge and professional backgrounds which enriched this learning experience even more. A special note also to praise the very good organization, logistics, and the resources provided for the course, and to thank the courtesy and care with which the participants were treated. I would definitely recommend this course to any professional in the Data Protection field has an important reference in their professional path!

Rated 5 out of 5

Helmi van Bergen

Despite the fact that the course had to be online, i certainly enjoyed having this course. Because it gave me a good documented and practical view and insights of the GDPR. Compliments on the organisation and the lecturers.

Rated 4 out of 5

Magda Rosianu

Very good and complete training. Both the lecturers and organizers made from this first online training of one week a success. Although the exchanges are more difficult and participants are not equally involved in the online environment, the information transmitted was exhaustive and the lectures explicit.

Rated 5 out of 5

Desislava

This course guides you through a really inspiring journey in the world of data protection. It's highly recommended both for newcomers in the field and for privacy professionals!

Rated 5 out of 5

H.T, Legal officer, PMO – Legal Matters and SLAs, European Commission

I would like to thank you once again for the courses and the organisation of the seminar. The presentations were of high quality and the speakers were very exciting. Even though I am very aware of all the topics linked to data protection, it was great to have new views on all of that. I will report my director and of course recommend the courses to my colleagues.

Rated 5 out of 5

Alexandru Chirita

I really appreciate the training. I would have loved to have more time debating. I will participate in future events/trainings as I found the speakers to be excellent professionals.

Rated 5 out of 5

Konstantinos Floridis

The training is excellent in respect of the knowledge one acquires during its course on all subjects concerning the world of the GDPR. Beginners definitely reach a very good level of understanding of all related matters and more advanced professionals are also benefited especially through the discussion of real-life examples. The presenters do a very good job of constructively interacting with participants and are very kind - their expertise and knowledge are with no doubt. The organizers of the event are true professionals, always there to help and proactively take care of all relevant issues.

Rated 5 out of 5

Dana

I am very pleased with the quality of this course, of the course materials and of the speakers. It has been a very intense week, and although, due to Covid, the entire course was held on-line, everything was on spot and there was a good connection with the presenters and with the other participants during breaks.

Counsel

1 / 33