Falconbury Logo
Presented by

GDPR: Legally Processing and Sharing Data and Managing Data Breaches Training Course

Dealing with data can be a legal minefield in any business. This webinar will bring you right up to date with how you can legally process and share data, and help you understand and manage a data breach.

★★★★★ "All was useful"

25 July 2023
+ 9 November 2023
from £299

Need help?  Enrol or reserve

  • Format: Live online
  • CPD: 3 hours for your records
  • Certificate of completion

Course overview

This intensive webinar will make sure you're fully aware of the law relating to the processing and sharing of personal data.

The laws in this area can be confusing. Getting it wrong can have big consequences for your business. Mark Weston will bring you up to date with the latest law and developments, and how they affect best practice. He will explain the differences between data processing and data sharing, as well as looking at the laws and regulations related to managing data breaches and how to navigate your way through them for the best outcome.

This training course is part of our Commercial Contracts Training Course collection which has been designed for the in-house lawyer.

Benefits of attending

  • Learn about the law and regulation relating to data processing, data sharing and data breaches
  • Understand the definition of 'controller', 'processor' and 'joint controller'
  • Examine the obligations of the controller and the processor
  • Get to grips with the law relating to data breaches
  • Clarify the different types of breaches and what they mean
  • Get up to date with the reporting requirements under the different applicable laws

Who should attend?

  • In-house lawyers
  • Private practice lawyers
  • Compliance officers
  • Company secretaries
  • Board members
  • HR professionals
  • Marketing professionals
  • Anyone who uses or possesses personal data

Enrol or reserve

The GDPR: Legally Processing and Sharing Data and Managing Data Breaches course will cover:

Definitions of controller, processor and joint controller and where the lines blur

  • Factors the regulator considers that go into the definitions of each in difficult cases

Controller obligations, processor obligations and splitting controller obligations between joint controllers

Application of controller to processor clauses and commercial considerations

Managing data breaches: outline of applicable laws

  • Data Protection Act 2018, UK GDPR
  • The Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR)
  • Communications Act 2003
  • The Network and Information Systems Regulations 2018 (NIS Regulations)
  • The Regulation of Investigatory Powers Act 2000 (RIPA)
  • Investigatory Powers Act 2016
  • Computer Misuse Act 1990
  • Official Secrets Act 1989
  • Governance obligations
  • Copyright Designs and Patents Act 1988
  • Trade Marks Act 1994 and Forgery and Counterfeiting Act 1981 may also apply alongside the Fraud Act 2006 and Proceeds of Crime Act 2002
  • The Malicious Communications Act 1988

Understanding the different data breach types

  • Hacking
  • Unsolicited penetration testing
  • Denial-of-service attacks
  • Malware infections
  • Phishing
  • Distribution, sale or offering for sale (or possession or use) of hardware, software or other tools used to commit cybercrime
  • Identity theft and identity fraud
  • Criminal issues
  • Civil issues

Territorial issues to consider

Reporting requirements under the different applicable laws

Enrol or reserve

Mark Weston
Sederby Consulting

Mark Weston is a partner at Hill Dickinson LLP and is the Head of Information Technology, Intellectual Property and Commercial (London). Mark joined the firm from Matthew Arnold and Baldwin LLP where for 12 years he was a partner and Head of the Commercial, Intellectual Property and Information Technology Group, before which he spent several years at Baker McKenzie.

Expertise: Mark’s practice covers both non-contentious and contentious matters in all areas of commercial law, intellectual property law, information technology law, Internet, electronic commerce and on-line services law. He specialises in commercial and Tech issues.

Clients: Just some of Mark’s more well-known clients include Elstree Film Studios, Defaqto, mysupermarket.co.uk, Groupon, RTL Group S.A., Retailcorp Brands LLC, The Gulf Marketing Group, Europcar, Hilton Hotels and the BBC.

Some detail: Mark has extensive experience in advising clients on all manner of commercial matters (such as business planning and solutions, franchising, distribution, agency and marketing) through branding and intellectual property exploitation and licensing, to advice and documentation regarding hardware and software issues (such as development, licensing, maintenance and distribution, SaaS and cloud, Internet transactional solutioning, B2B, B2C and B2G electronic commerce, S-commerce and M-Commerce, social media, outsourcing, facilities management, procurement, IT policies, data protection (privacy), GDPR and freedom of information issues). He has a particular expertise in new digital business and revenue streams. He is also experienced in dealing with software disputes and IT litigation. The increasingly extensive media side of his practice relates primarily to publishing (both real world and digital content), to games and gaming platforms (and particularly transmedia technologies), advising companies about their advertising onscreen, online and in print and managing their public communications strategies generally (dealing with the CMA and ASA in the process) – and also a smattering of television, film and music exploitation.

More unusual:

Mark has previously spent several months on secondment to Hewlett Packard and he has also been seconded to assist in the legal problems arising in new technology companies such as Symbian. From 2000 to 2001, Mark was resident in the Chicago office of Baker & McKenzie advising US clients on European and UK aspects of IT and electronic commerce law and practice.

Mark is the author of the Legal Practice Companion, a parallel text book at several law schools, the editor of the IP and Media Law Companion as well as the rest of the Companion series of books published by Bloomsbury Professional, Tottels, Cavendish Publishing and Oxford University Press. He has noted numerous reports for the IT Law Reports and is widely published in Computing, Computers & Law, Computer Law & Security Report, IT Law Today, Intellectual Property World, Solicitors Journal and many other journals both online and offline. Mark has also authored articles syndicated in the national and trade press and is regularly quoted in national newspapers. Mark is the author of the Business Names on the Internet chapter in the PLC Ecommerce Manual as well as numerous other articles on various Commercial & IT law topics.

Mark lectures regularly on all Commercial, IP and IT law topics, most recently lecturing at the IBC IT ‘Summer School’ Programme in Cambridge, England; the Falconbury two-day and three-day Commercial Contracts seminars (run several times a year) and IT Contracts seminars (run three times a year) in London; and he has previously lectured at the Annual On-line & Internet Commerce Law Institute seminar in Chicago and tutored at University College London. He also runs a programme of bespoke training schemes on commercial law, IP law and IT law as well as soft skills programmes such as negotiation skills and presentation skills.

Finally, you will have seen that Mark likes blogging and writing books, which are available at all good bookshops! He also appears regularly on BBC1 (usually providing advice on-screen to BBC Watchdog) and also on Sky News as a legal commentator, as well as trying to avoid the huge quantity of pink powder the TV make-up girls want to apply to his increasingly receding hairline.

More details

Book GDPR: Legally Processing and Sharing Data and Managing Data Breaches Live online training

NEW higher discounts for multiple bookings - bring your colleagues to make your training budget go further:

  • 30% off the 2nd delegate*
  • 40% off the 3rd delegate*
  • 50% off the 4th delegate*

Please contact us for pricing if you are interested in booking 5 or more delegates

25 July 2023

Live online

13:30-17:00 UK (London) (UTC+01)
14:30-18:00 Paris (UTC+02)
08:30-12:00 New York (UTC-04)
Course code 12768

  • GBP 299 349
  • EUR 439 509
  • USD 501 579

Until 20 Jun

View basket 

Not ready to book yet?

for 7 days, no obligation

9 November 2023

Live online

13:30-17:00 UK (London) (UTC+00)
14:30-18:00 Paris (UTC+01)
08:30-12:00 New York (UTC-05)
Course code 12769

  • GBP 299 349
  • EUR 439 509
  • USD 501 579

Until 05 Oct

View basket 

Not ready to book yet?

for 7 days, no obligation

* Early booking discounts may not be combined with other discounts or offers. As such, the discounts for 2nd/3rd/4th delegates are based on the full price.

Reviews of IPI's GDPR: Legally Processing and Sharing Data and Managing Data Breaches training course

All was useful

Nov 10 2022

Marina Varghese

Aug 3 2022

Very good.

Mariia Lys
Consultant , CIS London

Aug 3 2022

Overall a good and informative course. :)

Isha Mirza-Bari
Contracts Specialist , Simbec-Orion Group Limited

United Kingdom

  • A&L Goodbody
  • AGCO Limited
  • Boodle Hatfield LLP
  • CIS London
  • Future Electronics Limited
  • Impellam Group
  • Impellam Group PLC
  • Jisc
  • Shearwater Group PLC
  • Simbec-Orion Group Limited
  • TMF Group B.V.
  • VTG Rail UK Ltd


  • W.L. Gore & Associates GmbH

Korea, Republic Of

  • Samsung Bioepis


  • TMF

Enrol or reserve

Multiple colleagues? See above for details of our discounts for 2, 3, or 4 delegates. For more, talk to one of our training experts to discuss how to:

Run this course conveniently and cost-effectively in-house for your staff and colleagues

Aleksandra Beer

Aleksandra BEER
Training expert

Yesim Nurko

Training expert

+44 (0)20 7749 4749