DPO Training


The training of the Data Protection Officer has the objective of, not being licensed in Law, to provide him/her with specialized knowledge of Law and practice in the field of data protection. Therefore, the necessary knowledge, skills or abilities that the person to certify must be known or possessed to carry out each of the functions of the Delegate for Data Protection.


The training of DPO must provide the necessary knowledge to be able to:

a)            collect information to determine treatment activities,

b)           analyze and verify the compliance of the treatment activities, and

c)            inform, advise and issue recommendations to the person in charge or the person in charge of the treatment.

d)           collect information to supervise the registration of treatment operations.

e)            advise on the application of the principle of data protection by design and by default.

f)             advise on:

•             whether or not an impact assessment of data protection should be carried out

•             what methodology should be followed when carrying out an impact assessment of the Data Protection

•             whether the impact assessment of data protection with own resources or with outsourcing should be carried out

•             what safeguards (including technical and organizational measures) to apply to mitigate any risk to the rights and interests of those affected

•             whether the impact assessment of data protection has been carried out correctly or not

•             if its conclusions (whether to proceed or not with the treatment and what safeguards apply) are in accordance with the Regulation.

g)            prioritize their activities and focus their efforts on those issues that present the greatest risks related to data protection.

h)           advise the controller on:

•            what methodology to use when carrying out an impact assessment of the Data Protection,

•             which areas should undergo internal or external data protection audit,

•             what internal training activities to provide the staff or directors responsible for the data processing activities and to which treatment operations to devote more time and resources.


Click here to acquire Book “Preparación  Examen Certificación conforme al Esquema de la AEPD para DPD”


Check here the training itinerary for obtaining the Certified Data Protection Certification Certificate in accordance with the AEPD Certification Scheme v.1.1 


Training centers whose training programs have been recognized, consult here.

Requirements to obtain accreditation as a Recognized Training Center, consult here.


IMPORTANT NOTE: All the prerequisites, requirements established by ANF AC, correspond to the provisions of the AEPD Certification Scheme for DPD v.1.1