Become ready for the CIPP/E

cippe prep

The best way to prepare for the CIPP/E

This course is specifically created for busy professionals that are looking to pass the CIPP/E as quickly and with as little hassle as possible. If you feel like you don’t know where to start with your preparation, or are exhausted from reading the tons of GDPR material, then this course is for you.

I’ll walk you through the entire material and provide you with short and accessible summaries and lectures. Say goodbye to having to work it out all by yourself and let an experienced legal professional with data protection experience help you prepare with ease.

After this course, students will be able to

  • Know and understand the core concepts of the GDPR, and
  • Be ready to sit the CIPP/E.

CIPP/E Preparation

contains the most important things you need to pass the exam, including:


Short, self-paced, bite-sized videos explaining the most important concepts, followed by short practice questions.

Revision Notes

Short summaries of the most important information contained in each module and the guidelines that will save you hours of making your own notes.

Mock Exam

One full-length 90-question PDF downloadable mock exam that will prepare you for the actual exam and help you pass with confidence.

cippe revision notes

For a pre-view of a lecture, click here.

For an excerpt of free practice questions, click here.

Your can get a pre-view of what the course looks like inside here

IMPORTANT: The only thing I would recommend getting in addition to CIPP/E preparation is the recommended textbook, "European Data Protection, Second Edition" by Eduardo Ustaran.

How is CIPP/E Preparation different?

Comprehensive materials covering the IAPP body of knowledge

Money-back guarantee*

Personal Support

via e-mail and chat (subject to availability).

*You have up to 7 days from the date of purchase to change your mind. You will be refunded - no questions asked.

What does CIPP/E Preparation cover?

CIPP/E Preparation is closely aligned to the official IAPP body of knowledge, so that you are fully prepared for the exam. Here is an exact breakdown of what each module of CIPP/E Preparation contains:

Module 1 - History of European Data Protection Law

a) Purpose 

b) Instruments giving an impetus to create Data Protection Laws 

c) Timeline of Data Protection Laws 

d) Data Protection Directive vs General Data Protection Regulation

e) Related Legislation & Instruments 

f) Brexit 

Module 2 - The European Union's Institutions

a) Overview  

b) European Parliament (“EP”)

c) European Council 

d) Council of the European Union 

e) European Commission 

f) Court of Justice of the European Union  

Module 3 - Legislative Framework

a) Overview 

b) Council of Europe Convention (Convention 108)

c) Data Protection Directive 

d) General Data Protection Regulation 

e) Law Enforcement Data Protection Directive 

f) Privacy and Electronic Communications Directive 

g) EU Directive on Electronic Commerce

h) Directive on Security of Network and Information Systems 

i) Data Retention Directive 

Module 4 - Data Protection Concepts

a) Personal Data

b) Sensitive personal data 

c) Processing 

d) Controller 

e) Processor 

f) Data Subject 

Summary of Guidelines 07:2020 on the concepts of controller and processor in the GDPR

Module 5 - Territorial and Material Scope of the GDPR

a) Territorial Scope 

b) Material scope 

Summary of Guidelines 3:2018 on the territorial scope of the GDPR - Art. 3

Module 6 - Data Processing Principles

a) Introduction 

b) Lawfulness, fairness and transparency

c) Purpose limitation 

d) Data minimisation 

e) Accuracy 

f) Storage limitation 

g) Integrity and confidentiality 

Module 7 - Lawful Processing Criteria

7.1. Lawful Processing Criteria

a) Introduction 

b) Consent

c) Contractual necessity 

d) Legal obligation 

e) Vital interests 

f) Public interests 

g) Legitimate interests 

7.2. Lawful Processing Criteria - Special Categories of Personal Data 

a) Introduction 

b) Explicit consent 

c) Legal obligations under employment/social protection law 

d) Vital interests 

e) Legitimate activity of a not-for-profit body  

f) Publicly available 

g) Legal claim

h) Substantial public interest 

i) Medical purpose 

j) Public health 

k) Public interest, scientific or historical research purposes, or statistical purposes

Module 8 - Information Provision Obligations

a) Introduction

b) Article 13  

c) Article 14  

d) When additional information must be provided 

e) When and how

f) Fair processing notices  

g) Exemptions 

Module 9 - Data Subjects’ Rights

a) Introduction

b) Right of access  (Art. 15) 

c) Right to rectification (Art. 16) 

d) Right to erasure (Art. 17) 

e) Right to restriction of processing (Art. 18) 

f) Notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19)

g) Right to data portability (Art. 20) 

h) Right to object (Art. 21) 

i) Right to not be subject to automated decision-making (Art. 22) 

Summaries of

  • Guidelines 52019 on the criteria of the Right to be Forgotten in the search engines cases under the GDPR 
  • Guidelines 10:2020 on restrictions under Article 23 GDPR
Module 10 - Security of Personal Data

a) Introduction

b) Appropriate technical and organisational measures

c) Breach Notification  

d) Vendor Management

e) Data Sharing


Module 11 - Accountability Requirements

a) Introduction

b) Responsibility of controllers

c) Article 25 - Data protection by design and by default 

d) Record keeping and co-operation with regulators 

e) Data protection impact assessment 

f) Data protection officer 

g) Auditing of privacy programs

Module 12 - International Data Transfers

a) Introduction 

b) What is a transfer? 

c) Adequacy Decisions 

d) Adequate Safeguards 

e) Derogations 

f) Transfers to the US 

g) Transfer Impact Assessments

Summaries of 

  • Guidelines 05:2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR
  • Guidelines 04:2021 on codes of conduct as tools for transfers
  • Guidelines 02:2018 on derogations of Article 49 under Regulation 2016:679
  • Recommendations 01:2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data
Module 13 - Supervision and Enforcement

a) Introduction 

b) Self-regulation 

c) Data subject rights 

d) Regulator supervision

e) International cooperation 

Module 14 - Consequences of GDPR Violations

a) Introduction 

b) Process and procedures 

c) Fines 

d) Data Subject Compensation 

e) Class Actions

Module 15 - Employment Relationships

a) Introduction 

b) Legal basis for processing of employee data 

c) Storage of personnel records 

d) Workplace monitoring and data loss prevention 

e) EU Works councils 

f) Whistleblowing systems 

g) ‘Bring your own device’ (BYOD) programs

Module 16 - Surveillance Activities

a) Introduction 

b) Regulation of surveillance  

c) Communications surveillance 

d) Video surveillance 

e) Biometric data/facial recognition  

f) Location data  

Summary of Guidelines 3:2019 on processing of personal data through video devices

Module 17 - Direct Marketing

a) Introduction 

b) Regulation of direct marketing 

c) Specific types of marketing +

Summary of Guidelines 8:2020 on the targeting of social media use

Module 18 - Internet Technology and Communications

a) Introduction 

b) Cloud computing 

c) Cookies

d) Search engines

e) Social networking services (SNS)

f) Artificial Intelligence 

Why do I need a preparation course?

When I started preparing for the CIPP/E in October 2021, I searched for a long time for an affordable preparation course. I work full time and really struggled with concentrating on just the textbook chapters after a long day at work. I just wanted someone to tell me what I needed to know.

I couldn't find any course that fit my budget and contained what I was looking for, so I painfully researched the contents of the GDPR and material required. It took forever to read, summarise and understand.

I passed on my first attempt, but I know many others that didn't and had to pay extra to re-sit.

I really want to save others the pain of having to go through the material so inefficiently, and spending hour having to work out what is necessary and what isn't.

That is what inspired me to build this course. Trust me - this course contains everything I wish I had when I was studying for the CIPP/E.

I would have killed for having this course (seriously!)

Save Time.

Going through the CIPP/E textbook and the GDPR without any guidance is time-consuming. If you work full time, it helps so much to have all the material laid out.

Save Money.

Doing resits can be a costly exercise - with a prep course, you are more likely to pass first time and save yourself to pay for a resit. 

Enjoy your Studies.

Going through a structured course with someone explaining the core concepts is more engaging than just reading a textbook!

What is the CIPP/E?

The International Association of Privacy Professionals (IAPP) is a non-profit organisation that provides privacy and data protection education and certifications.


The Certified Information Privacy Professional/Europe Exam or (CIPP/E for short) is set by the IAPP and consists of 90 multiple-choice questions. 75 questions are graded and you have 2.5 hours.


You can sit and schedule the CIPP/E in any PearsonVue Centre or often, even remotely through your own laptop.


For more information, resources and booking the actual exam, check out the Official IAPP page.

Why take the CIPP/E?

Increase your career opportunities

Increase your career opportunities

Many corporate, legal and compliance and roles require having passed the CIPP/E. You will make your CV stand out in a competitive job market if you have passed the CIPP/E.

If you want to pursue a career as a privacy professional, or be considered for privacy opportunities, you will definitely need the CIPP/E.

Therefore, there has never been a better time to become privacy certified with the CIPP/E. 

Increase your salary

Increase your salary

Passing the CIPP/E can help you negotiate a higher salary in your current role or be considered for privacy role opportunities. 

What a lot of people don’t know is that there is quite a bit of money in privacy careers. Did you know that the average salary of privacy counsels in the UK as of 2023 os £84,604 per year?

To get your foot in the door in the privacy world and be considered for these roles and salaries, the CIPP/E is a must.

Who will teach me?

madeleine weber

Hi there

My name is Madeleine Weber!

I have been working as a legal professional for half a decade, predominantly in the IT industry as an in-house counsel.

My day-to-day job as an in-house SaaS lawyer involves a lot of data protection matters, such as drafting and negotiating of data processing agreements. I have years' of experience in data protection law and the EU GDPR, in particular.

However, I found that in order to progress in my career, I had to prove that knowledge by passing the CIPP/E and becoming a certified privacy professional.

I sat the exam in November 2021 and passed on my first attempt.

I am so excited to be in a position to provide you with a course that I wish I had when I studied for the CIPP/E.


Don't just take my word for it! See what others had to say:


What else do I need to pass the CIPP/E?

You will need to purchase the latest edition of the recommended textbook: European Data Protection by Eduardo Ustaran. 

You will also need to budget costs to book and sit the CIPP/E exam (remember, to be certified, you will also need to become a member of IAPP) - always check the IAPP website for the latest fees (at the moment, the exam fee is $550 and the membership fee is $250).

Bear in mind that this preparation course DOES NOT CONTAIN the actual exam, the membership, nor the textbook. 

For a step-by-step overview of what is needed to become a Certified Information Privacy Professional, please click here.

How long will I have access to the course?

You will have access for 1 year from the date of purchase. 

What exactly is contained in the course?

You will receive access to the following: 

  • Lectures covering 18 modules (total run time circa 4-5 hours)
  • Short practice questions at the end of most lectures
  • Written summaries covering 18 modules & summaries of all relevant guidelines
  • An overview of the GDPR 
  • Suggested study plan  
  • 1x 90-question mock exam 
Can I get a sneak peak of what the course looks like?

Yes, you can see what the course looks like from the inside by viewing the Course Orientation video here.

Will I be able to access the course offline as well?

All materials are downloadable and usable offline.

The course is provided via Teachable. All materials will be available on all your devices either via a web browser or via the Teachable app. 

What is your refund policy?

If you are unhappy about any aspect of the course, do let me know and I will do my best to sort the issue out for you.

If you wish to un-enrol for any other reason, you have up to 7 days from the date of purchase to change your mind and request a full refund - no questions asked. 

Additionally, if you sit and fail the CIPP/E, you may remain enrolled in the course at no extra charge until you pass.


(*incl. 20% VAT - note that subject to your location this may change)