Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.


Understanding the GDPR

University of Groningen via FutureLearn


Understand what the GDPR means for you as data subject, controller or processor

On 25 May 2018, the General Data Protection Regulation (GDPR), aiming to improve data protection for individuals across the EU, became directly applicable. Now, organisations need to be compliant with the new rules and should act immediately.

By developing good knowledge of the GDPR and understanding how it affects you, you will learn about the first steps for making your organisation compliant and can immediately start taking them. You will explore data subjects’ rights, data controllers’ and processors’ obligations, and enforcement and compliance notions in the context of the Regulation.

This course has been ranked as one of the best online courses of all time by online course aggregator class central.

The course is specifically developed for professionals working for companies, public authorities and bodies, students, and anyone who wishes to know more about data protection and the GDPR, especially those handling personal data.


  • Introduction to data protection and the GDPR
    • General introduction
    • Privacy and data protection
    • EU legal regime on data protection
    • Basic fundamentals of the GDPR
    • Data protection principles, consent and minors
    • Conclusion
  • Rights of data subjects
    • Introduction to data subjects' rights
    • Transparency and modalities
    • Rights of access, rectification, objection and restriction of processing
    • Rights to erasure and data portability
    • Rights with regard to complaints, judicial remedies, automated individual decision-making, representation and compensation
    • Restrictions of rights
    • Concluding data subjects' rights
  • Obligations of controllers and processors
    • Who are controllers and processors?
    • Controller's obligations and responsibilities
    • Information, notification and record keeping
    • DPIA and DPO
    • Joint controllers
    • Processor's obligations and responsibilities
    • Summary and concluding remarks
  • GDPR enforcement and compliance
    • Responsibilities, liabilities and penalties
    • Data protection supervisory authorities
    • Codes of conducts, certification mechanisms and binding corporate rules
    • Data transfers and processing outside the EU
    • Liabilities, responsibilities and penalties
    • Conclusion

Taught by

Evgeni Moyakine


4.7 rating, based on 44 Class Central reviews

4.7 rating at FutureLearn based on 127 ratings

Start your review of Understanding the GDPR

  • Comprehensive coverage of the GDPR and why it should be adhered to. I would have liked more examples or guidance of HOW to implement it. Plus common pitfalls to look out for and how to avoid them. It seemed to me that there was a slight attitude of "comply with the GDPR or else you and your company could be fined".

    Some of the material was quite dry but one excellent aspect was how the discussions were linked with the actual clauses of the GDPR.
  • Profile image for Zane Slocombe
    Zane Slocombe
    University of Groningen offer quality courses and the 'Understanding GDPR' was no exception. I recommend it to anyone who is involved in a business in the EU or who deals with the EU as well as anyone involved with any organisation in the Union or…
  • Anonymous
    A very elaborate but at the same time concise introduction to the GDPR! I appreciate the organization of each course week, where information was delivered in great order.

    Perhaps the most important part of the course is the fact that you do not need a legal background to understand the basic concepts, principles, as well as the rights we all are granted by the virtue of the GDPR.

    Thank you for your effort!
  • Anonymous
    Easy to understand, gives a lot of information and an overall great indrodutory class that can be completed in 4 weeks. The information is presented in a systematic way for lawyers and non lawyers.
  • Anonymous
    A comprehensive course on understanding GDPR, with useful additional information through pdfs and links.
  • David Jennings
    I did this course in January/February 2018.

    Inevitably the subject matter is quite dry. Parts of Weeks 2 and 3 felt a little bit like an only-slightly-animated version of the legislation itself (this page is about Article 27 and what it means; this page is about Article 28 and what it means).

    But if you want or need to find out what the GDPR might mean for you, this does the job.

    I'm slightly surprised to find that it has run before, because one or two of the videos and texts in the course look to have editing errors. Several participants commented on these, but there was no response.
  • Yass Nshb
    Very useful. I've learnt a lot in just 2 weeks.
    Very educational. I have a law degree but I think there is no need to have a legal background for this course.
    Very useful for anyone aiming to know about personal data protection or to work in this field.
  • Anonymous
    This course covers all aspects of GDPR and is well presented. It is accessible to all and is very informative.
  • Anonymous
    'Understanding the GDPR' course explains the fundamentals of GDPR very well. It covers topics such as Privacy and data protection, key data protection roles, principles, rights of data subjects, restriction of rights, obligations of controllers and…
  • Anonymous
    I currently work for a UK Government department and part of my job is understanding the current Data Protection Act (1998) but I had heard that the new GDPR legislation was coming into force on May 28th 2018 and so I eagerly signed up for this cours…
  • Anonymous
    I am really satisfied from the course and the material given. Overall, I find it very comprehensive, very informative and well-structured. I highly recomment it to everyone who is interested in GDPR, either personally or profesionally. The tests and…
  • There is no need to have a legal background to understand the course, which has a lot of content and enables to understand the principles and what to do in an organization to meet the requirements. At the same time, people with good understanding a…
  • Anonymous
    This course was an excellent introduction to key concepts of the GDPR, helping me to understand its complex requirements and implications on businesses. I now am more aware of immediate actions that can be taken to conform to the regulation's intent, and feel better able to work with a legal advisor for ensuring full compliance.

    I highly recommend the course for everyone, whether or not directly involved in data processing, to become more aware of how much personal information is being collected or provided. Even if an organization currently is not subject to the GDPR, the GDPR already is influencing data privacy regulations being considered in jurisdictions outside of the European Union.
  • Anonymous
    Quite in-depth look at the different parts of the GDPR. Week 1 is an intro, wk 2 is about data subject rights, wk 3 about data controllers and processors and wk 4 about liabilities and penalties.
    The course is well divided in small chunks. A week takes about 2-3 hours.
    My main objection was that texts were quite 'legal' and thus at places hard to read. Participants who do not have a background in law and are just there to gain practical knowledge about the GDPR might need some time settling in the style of the course.
    Some other small quibbles will most likely be solved when the course runs again.
  • Anonymous
    It provides understanding of EU GDPR, the scope, the accountability principles, sanctions and remediation, the roles and responsibilities of controllers, processors, EU member states, EU etc. How data subject, controllers, processors and authorities can engage players in GDPR to seek redress in cases of infringement.

    I love the flow of the topics, quiz and discussion to drive home the lessons learnt. The topic has indeed help broaden my knowledge of the concept and I am ready to take further steps in achieving the goal set for my engagement in data protection regulations.
  • Anonymous
    Good overview of principles appropriate for most small and medium-sized organisations that handle personal data; this is not a specialist's course but would give enough pointers to those who need to delve deeper. It's presented by a law department (who else would say talk about "a very interesting aspect of this legislation"?) so system designers and technologists may have to work quite hard to translate the learnings into technology steps and processes. But overall worth doing and a decent return on the time invested.
  • Anonymous
    An in-depth course, explaining various sections of the GDPR in a very understandable way. It also briefly discusses when other regulations than the GDPR apply.
    I think the course is very complete and informative, and would highly recommend it for any type of organisation and also to any data subjects who are interested in learning more about privacy regulations.
    The course does not appear to be updated from one iteration to the next and could do with a minor update.
  • Anonymous
    Interesting topic and for the larger part clearly introduced. I missed a glossary with law concepts used in the course - as I am no law student and have never been one. Also I find it a pity the course instructors did not (visible to us) read along with the remarks, answering questions posed. Finally I had the feeling that some more proofreading and proofviewing would have been advisable before the MOOC was opened for viewing.
  • Anonymous
    I've found the course informative and easy to follow. It covers the basic knowledge one needs to know about GDPR, while including links for more detailed learning. The quizzes are great and added more fun in learning.

    I finished the course in about 4 weeks. I would recommend this course. It opens the door in understanding GDPR which is very important when dealing with personal data as well as knowing my rights as data subject.
  • Anonymous
    The course allows students to have a good overall understanding of the GDPR. I already had some knowledge about the GDPR but still learned some new things. It uses clear language, which makes me think that even people with no background in law and/or technology will be able to understand everything. Some interesting extra material is provided. I think this is a good course for people who are taking their first steps in data protection.

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.