Current Status
Not Enrolled
Get Started



Course Description

This course describes the Consent as a lawful basis of processing personal data. It describes in detail about how to obtain a Consent, the elements that must exist in order a Consent to be considered as a valid Consent and the Consent withdrawal process. It explains the various good and bad methods used to obtain a Consent and the information that a controller should provide to data subjects when the data subjects’ Consent is collected.

This course also provides examples to understand how to obtain valid Consents and how a controller can comply with the data subjects’ request for Consent withdrawal. This seminar aims to provide a clear explanation about the Consent for processing personal data and to explain in brief what a controller shall do and what to avoid when collecting a Consent from data subjects.

Obtaining the Consent by a data subject is one of the six lawful bases to process personal data by a controller. The crucial role of Consent is underlined by Articles 7 and 8 of the Charter of Fundamental Rights of the European Union.

Topics covered

The course is split into the following sections:

Section 1: General provisions of Consent – Understand the Consent

  • Key Definitions
  • Brief summary of GDPR
  • Obtaining a Consent as a lawful basis to process personal data
  • How a Consent can be collected – Examples
  • More conditions to understand the Consent

Section 2: Elements of a valid Consent

  • Element 1: The Consent must be “Freely Given”
  • Element 2: The Consent must be “Specific”
  • Element 3: The Consent must be “Informed”

Section 3: Obtain and Withdraw of Consent

  • Obtain a Consent – Examples
  • Additional conditions for obtaining valid Consent
  • Withdrawal of Consent – Examples
  • Withdrawal of Consent – General Conditions

    Course Duration

    This course may take up to 3 hours to be completed. However, actual study time differs as each learner uses their own training pace.

    The course is addressed to:

    This course is addressed to all individuals who are involved in the processing of personal data in an organisation:

    • Designated DPOs in Investment Firms, Investment Funds, ASPs, Trust Service Corporate Providers, Banks, Law Firms, Accounting Firms, insurance companies, hospitals, schools and in general DPOs of all organisations
    • Employees of Investment Firms, Investment Funds, ASPs, Trust Service Corporate Providers, Banks, Law Firms, Accounting Firms, insurance companies, hospitals, schools and in general of all organisations involved in the processing of personal data
    • Internal Auditors
    • Consultants
    • Senior managers
    • Directors

    It is also suitable to professionals pursuing CPD for the renewal of CySEC Certificate (CySEC Basic and CySEC Advance Certificate) or other relevant professional certificates in other jurisdictions.

    Training Method

    The course is offered fully online using a self-paced approach. The learning units consist of power point presentations and examples. Learners may start, stop and resume their training at any time.

    At the end of each section, participants take a Quiz to complete their learning unit and earn a Certificate of Completion once the Quiz has been passed successfully.

    Accreditation and CPD Recognition

    The course can be accredited by regulators and other bodies for 3 CPD Units that require CPD training in financial and other regulation.

    Eligibility criteria and CPD Units are verified directly by your association or other bodies in which you hold membership.

    Registration and Access

    To register to this course, click on the Take this course button to pay online and receive your access instantly. If you are purchasing this course on behalf of others, please be advised that you will need to create or use their personal profile before finalizing your payment.

    Access to the course is valid for 60 days.

    If you wish to receive an invoice instead of paying online, please Contact us by email. Talk to us for our special Corporate Group rates.


    Andreas Nicolaides has more than 8-years experience in the financial Industry. He is the Operations Manager of G.P. GLOBAL LTD offering consulting services and training courses to Investment Firms, Administrative Service Providers and Funds focuses in Internal Audit, compliance & AML issues. He is a member of the Internal Audit team of G.P. GLOBAL LTD and is involved in numerous Internal Audits of Cyprus Investment Firms, Administrative Service Providers and Funds where he is engaged, among others, in the audit for compliance with the GDPR regulatory framework. He has completed a number of trainings on GDPR regulatory framework and assisted a number of Cyprus Investment Firms, Administrative Service Providers and Funds to comply with their GDPR legal obligations.

    Andreas Nicolaides holds a BA in Business Management from the Northumbria University (Newcastle – UK). Andreas also holds an Advance and Money Laundering certificate from the Cyprus Securities and Exchange Commission for the provision of investment services/activities.

    See more Courses from Andreas Nicolaides

    Course Description (click to download)