CIPP/E Certification Prep
The complete self-paced CIPP/E master course - enterprise grade, exam-mapped, and publish-ready. Based strictly on the official IAPP CIPP/E Body of Knowledge 2025, it spans five domains of 50 chapters each, every chapter with objectives, beginner-to-expert explanations, EDPB references, scenarios, mini-cases, exam-style questions, and summaries.
What it covers and how it works
The Certified Information Privacy Professional/Europe (CIPP/E) is the benchmark credential for European data-protection knowledge. This master course is built strictly on the IAPP CIPP/E Body of Knowledge 2025 and covers the full arc: the origins and institutions of European data protection, GDPR law and regulation, European data processing, scope and accountability, and compliance across employment, surveillance, marketing, and technology. 250 chapters with video, podcast, PDF notes, and decks, plus enterprise artifacts - RoPA, DPIA, TIA, and SCC guides.
It combines structured lessons with practical exercises and, where relevant, exam-aligned preparation. It is self-paced with lifetime access, and available as a mentor-led cohort or private corporate training.
5 modules · 90 chapters
The complete self-paced CIPP/E master course - enterprise grade, exam-mapped, and publish-ready. Based strictly on the official IAPP CIPP/E Body of Knowledge 2025, it spans five domains of 50 chapters each, every chapter with objectives, beginner-to-expert explanations, EDPB references, scenarios, mini-cases, exam-style questions, and summaries.
01 Domain I - Introduction to European Data Protection (Ch 1-50) 18 chapters
- What Is Data Protection?
- Human Rights Foundations - UDHR & ECHR
- Article 8 ECHR - Right to Privacy
- OECD Guidelines (1980)
- Council of Europe & Convention 108 / 108+
- Treaty of Lisbon & Charter of Fundamental Rights
- Harmonization & fragmentation before GDPR
- EU institutions behind privacy (Commission, Parliament, Council)
- Court of Justice of the EU - interpreting privacy
- European Court of Human Rights
- Impact of Brexit on EU data protection
- How GDPR emerged in 2016
- Supervisory authorities, EDPB & EDPS
- One-Stop-Shop & the consistency mechanism
- 95/46/EC Directive & the ePrivacy Directive
- NIS/NIS2 & the EU AI Act
- GDPR principles overview
- Domain I exam review
02 Domain II - European Data Protection Law & Regulation (Ch 51-120) 18 chapters
- What is personal data? Special categories
- Pseudonymisation vs anonymisation
- Identifiability: direct vs indirect
- Controller, processor & joint controllers
- Security under GDPR: technical & organizational measures
- Encryption, access controls & permissions
- Data breach definition & notification (SA and individuals)
- Records of Processing Activities (RoPA)
- Vendor management & processor agreements
- Supply chain security & data retention
- Data subject rights: access, rectification, erasure
- Restriction, objection & withdrawal of consent
- Data portability
- Automated decision-making & profiling
- Responding to requests: timeframes & identity validation
- Handling excessive or abusive requests
- Children's rights & marketing-related rights
- Domain II rights mastery exam
03 Domain III - European Data Processing (Ch 121-200) 18 chapters
- Core principles: fairness, lawfulness, proportionality
- Purpose limitation, minimization, accuracy, storage limitation
- Legitimate-interest test (LIA) & balancing tests
- Lawful basis: consent, contract, legal obligation, vital & public interest
- Special-category & Article 9 conditions
- Biometrics, health & financial-services processing
- Lawful-basis decision tree & documentation
- Transparency: Articles 12-14 & layered notices
- Privacy notices, just-in-time & cookie notices
- AI-systems transparency
- International transfers: why they are restricted
- Adequacy, Schrems I & II, EU-US Data Privacy Framework
- Standard Contractual Clauses (SCCs) & BCRs
- Article 49 derogations
- Transfer Impact Assessment (TIA) & EDPB guidance
- Cloud transfers & global vendor chains
- Law-enforcement access
- International transfers final exam
04 Domain IV - Scope & Accountability (Ch 201-250) 18 chapters
- Material & territorial scope
- Establishment in the EU & the targeting test
- Monitoring behavior & extraterritorial reach
- Exemptions (household, criminal data, public authorities)
- Accountability principle
- Data protection by design & by default
- DPIAs: criteria, high-risk processing, how to conduct
- Prior consultation mechanism
- Mandatory DPO: independence, tasks & requirements
- Vendor & processor accountability
- Joint-controller agreements
- Incident response plans & training
- Governance frameworks, data ethics & maturity models
- Supervision: lead SA, cooperation & consistency
- Administrative fines & categories
- Compensation claims & class actions
- Consequences of violations
- Domain IV final exam
05 Domain V - Compliance with European DP Law (Ch 251-325) 18 chapters
- Employment data: lawful basis, retention & monitoring
- Employee monitoring, BYOD & DLP
- Whistleblowing, works councils & remote-work compliance
- Biometric attendance & workplace video monitoring
- Surveillance: CCTV, geolocation & facial recognition
- Workplace surveillance & data minimization
- Direct marketing: ePrivacy + GDPR rules
- Opt-in vs opt-out & PECR
- Email, SMS & telemarketing rules
- Profiling & cookie-based targeting
- AdTech ecosystem & OBA guidelines
- Cross-device tracking & children in marketing
- Cloud computing & cloud contracts
- Cookies, banners & dark patterns
- Social media & platform liability
- AI/ML compliance & algorithmic transparency
- IoT, smart-home & app permission models
- Final Domain V master test
Explore the track
How you learn
- Self-paced with lifetime access
- Mentor-led cohorts
- Private corporate training
- Certificate and digital badge
CIPP/E Certification Prep - answered
What is the CIPP/E Certification Prep program?
An enterprise-grade, fully self-contained CIPP/E prep course based strictly on the IAPP CIPP/E Body of Knowledge 2025 - five domains, 250 chapters, each mapped to competencies and performance indicators.
How is it delivered?
It combines structured lessons with practical exercises and, where relevant, exam-aligned preparation. It is self-paced with lifetime access, and available as a mentor-led cohort or private corporate training.
Is it aligned to the official body of knowledge?
Yes. The curriculum is mapped to the current official body of knowledge for this credential. This is independent training and is not affiliated with or endorsed by the certifying body; it does not itself confer certification.
Who is it for?
Privacy, governance, compliance, and data professionals - and the teams around them - preparing for certification or building applied capability in this area.
Do I need prior experience?
Each program is structured so motivated learners can follow the full arc; certification tracks assume the background the relevant exam expects.
Is there a downloadable brochure?
Yes. A PDF brochure for this track is available from the download button on this page.
Can my organization run this privately?
Yes. It can be delivered as a private corporate cohort tailored to your context. Use the enquire button to scope it.
How do I enrol or enquire?
Use the enquire button to request details or a corporate cohort, and a specialist will respond.
CIPP/E Certification Prep for you or your team
Enquire about enrolment, or scope a private corporate cohort.