Register Your Interest

Register your interest

Register to be alerted when the course is available for demonstration and purchase.

By selecting the check box you consent to TPE using your contact name, company name, email address and number of employees to send your organisation notifications about TPE's compliance training modules.

By selecting the check box you consent to TPE keeping these details on record in Guernsey for 12 months.

You have a right to access this information, to correction, to erase these details 'to be forgotten', to withdraw consent and to port these details to another company.

Please use the TPE contact details provided for any access requests.

Privacy Policy

Data Protection legislation states that organisations must provide 'the appropriate data protection training to personnel having permanent or regular access to personal data.'

Please note that the GDPR applies to organisations processing personal data belonging to individuals in the UK - as the UK will continue to be in the EU as of May 25th 2018 when the Regulation comes in to force.

Organisation-wide Digital Data Protection Training

Are you looking to bridge any gaps in employees' awareness of the requirements of the GDPR and local Data Protection laws?

TPE's series of Data Protection compliance training modules have been designed to bridge these gaps, to develop a culture of Data Protection and to help support organisations in their ongoing process of risk identification and mitigation.

Do you need an effective way to demonstrate appropriate measures taken to comply with the EU and local Data Protection legislation?

TPE's digital training modules will enable you to: record individual employees' scores as part of internal compliance reporting, to identify who has completed training and highlight where gaps exist in individuals' understanding of the legislation, and to demonstrate measures taken to support ongoing compliance with the Data Protection legislation through certification.

GDPR Digital Compliance Training Series

The first two modules in TPE's GDPR series enable all personnel to become aware of the major aspects and requirements of the GDPR and Data Protection laws in the Channel Islands.

More specialised modules will be developed in the coming year to cover organisational and technical implementation aspects of data protection compliance.

Module Key Features

CPD Accredited

Take Online Anytime, Anywhere / Bookmark

Interactive, Self-Paced, Problem-Based Training

Certification On Achieving 80% Pass Mark

Scorm Compliant - Track & Report On Staff Progress

WCAG 2.0 Level AA


An Overview of the Regulation & Channel Islands Data Protection Laws

Duration: 60 Minutes (3 - 20 mins bookmarked sessions)

£50 per person

Designed for: All professionals with access to personal data.

CPD Accredited: 1 Hour (TBC)

  • What is new in comparison to the EU Directive
  • Who does the GDPR apply to
  • What is meant by 'Personal Data'
  • The 6 Key Principles of the GDPR
  • Major Aspects: Scope, consent, individuals' rights, subject access requests, privacy by design and by default, role of the Data Protection Officer, DPIAs, good data governance, notifications, reporting and penalties
  • Implications of the GDPR and local Data Protection laws for organisations in the Channel Islands
  • Knowledge Check & Certification


A Risk-Based Approach


Duration: 40 Minutes (3 - 15 mins bookmarked sessions)

£40 per person

Designed for: All professionals with access to personal data.

CPD Accredited: 1 Hour (TBC)

  • Taking a risk-based approach to data protection
  • The GDPR and Channel Islands Data Protection legislative accountability requirements and obligations according to level of processing risk
  • Specific requirements on organisations who engage in High Risk Processing
  • Practical steps to identify risk, and implement technical and organisational controls to measure and mitigate risks, and safeguard personal data by design and by default
  • Organisational roles and responsibilities needed to maintain a risk-based approach to data protection and data privacy
  • Knowledge Check & Certification
Register Your Interest

Collaboration with GDPR & Channel Islands Data Protection Experts

Emma Martins

Emma’s academic background is in social science and her career started in public service and working as a civilian manager for the States of Jersey Police in the 1990’s. A role which had data protection duties as part of its remit which was her introduction to this field of work. She was employed at the Data Protection Office as Deputy Registrar in 2001. When the Commissioner retired in 2005, Emma was successful in her application for the role. In 2012 the Channel Islands joined forces to establish a pan-Island data protection presence and Emma now manages regulatory oversight of both Jersey and the Bailiwick of Guernsey. More recently this role has also extended to oversight of the recently implemented Freedom of Information (Jersey) Law 2011 in Jersey creating the role of Information Commissioner.

Since 2016 Emma has been working closely with both Governments on the implementation plan for the GDPR which is due for implementation in May 2018.

Richard Field
Carey Olsen

Richard is counsel to the dispute resolution and regulatory team in Guernsey specialising in regulatory, corporate and commercial litigation, including banking, investment and funds litigation. His regulatory practice encompasses anti-money laundering (AML), sanctions and eGaming matters and he is seen as one of the leading lawyers on the island in respect of data protection matters.

His data protection practice encompasses drafting terms and conditions, policies and procedures and advising on incident responses and international transfers. He presents regularly on the implementation of the forthcoming GDPR and is at the forefront of considering its implementation in Guernsey. He sits on the States of Guernsey Industry Working Party (tasked with assessing the island's response to GDPR), has been closely involved in the development of Guernsey's legislation and has co-authored the Channel Islands Guide to GDPR. He is a committee member of the Association of Data Protection Officers and writes regular articles and blogs on the development of data protection and privacy laws.

Richard has a keen interest in emerging technologies within the regulatory context and sits on the Digital Guernsey Panel. His work in this area has seen him involved with projects on the use of blockchain, digital identity, cryptocurrencies and cloud services.


  • GDPR Planning and implementation
  • Privacy policies and framework development
  • Data transfer advice and contractual documentation
  • Information governance in financial services
  • Data breach and incident response
  • Outsourcing Agreements
  • Data protection claims and disputes
  • Privacy and cybersecurity audits
  • Employee privacy
  • Healthcare privacy
  • Privacy and fair processing statements
  • Regulatory compliance
  • Data issues in cloud and technology applications

Grant Hamilton

BITS (Business IT Services) Limited offers a variety of services to businesses and home users.

These services include outsourced IT, Project Management, Software Development, System Support, IT Equipment purchases and general IT related consultancy, to name a few.

Data protection and GDPR compliance are the latest regulations that businesses need to be aware of.  We co-founded the Association of Data Protection Officers in Guernsey to be in a better position to help our clients with the incoming GDP Regulation, to make sure that they were best informed of the possible solutions in order to comply with the regulation.

We also offer tailor made services to individual clients. These services can be as long or short term as you desire.

Our contact details and more information on what we do is available here:

Sarah Levy

Sarah Levy B.Ed., M.Ed. is a Senior eLearning Instructional Designer who has over 15 years experience custom-designing digital training modules for blue-chip companies while working for Accenture, Fuel (LRN) and other eLearning Production companies. Clients have included Siemens, GlaxoSmithKline, Thomson Reuters, DHL, Eversheds, UBS Investment Bank, UKERNA, O2 and BT. In 2015, Sarah founded her own digital training company in Guernsey - ViaSynergy Ltd.

Sarah has designed TPE’s GDPR modules in collaboration with subject matter experts using the highest level of instructional design best practice to ensure core learning is based in context using engaging interactions and rich multimedia to support meaningful understanding.

"The introduction of GDPR will transform the way businesses are able to handle personal data; we are on the verge of huge change in data regulation..."

"I cannot over emphasise the importance of being prepared for this legislation. I particularly want to stress this to the islands' small to medium sized business communities who may not have access to the legal or compliance expertise and resources available to larger organisations. The new regulations are certainly going to up the game in terms of compliance obligations and there is much greater accountability for data controllers and processors. Wherever personal data is involved, whether that is staff, client or any other information relating to individuals, data protection compliance will have to be considered and built in at the beginning of the process and to a more significant and demonstrable degree."

Emma Martins

Data Protection & Information Commissioner for the Channel Islands

Course Benefits

  • Enable organisation-wide compliance with the GDPR and local Data Protection laws.
  • Develop a culture of data protection and data privacy leading to informed, compliant decision-making.
  • Identify any organisational compliance risks early and mitigate risks.
  • Safeguard personal data by design and by default.
  • Demonstrate appropriate organisational measures taken to raise Data Protection legislative awareness.
  • Reduce chances of facing significant regulatory fines and associated reputational damage for non-compliance.
  • Integrate modules as part of a wider orgnisational blended Data Protection training program and campaign.