Right to be Forgotten: Erasure

Create awareness of customers’ Right to be Forgotten and ensure GDPR compliance

Key Learning Points:

  • Legal obligations of the Erasure process for organisations
  • Respond to a Right to be Forgotten customer request
  • How to request data removal from third parties
  • Additional measures necessary when handling children’s data
  • How the Right to be Forgotten forms an integral part of the GDPR

Course Overview

This engaging course outlines the various situations in which organisations are required to delete or stop processing an individual’s personal data without delay, including when an individual requests it under specific circumstances.

The course also covers the organisational policies and procedures to develop and follow when an organisation receives a request from an individual to either erase or stop processing their personal data.

The course looks at the specific situations such as when to refuse to comply with an individual’s request, how to deal with data shared with third parties and requests for erasure from children.

Course Details

  • Online microlearning course
  • Certificate on completion
  • Course can be tailored using Adapt Authoring Tool
  • Course can be tailored to meet your specific requirements

Course Contents

This course is published by Cylix

Tailored versions of the courses are available for the following sectors

Compatible for

Any Workplace

Public Sector




Fire & Rescue

The Assessment

Learners are challenged to a series of questions to test their knowledge and understanding of erasure and compliance with the GDPR. To successfully complete the course, learners must earn data protection shields – there are three in total to collect. Learners can also take the assessment again to improve their score.

2 Ways of Purchasing

You can purchase our courses individually or for even better value you can purchase the complete range of Compliance, Health and Safety or Performance Management courses in one neat bundle.

1. Individual Licenses

If you buy courses on an individual bases you pay a price per learner, per course per year. You can run these courses on your own LMS if Xapi/SCORM compliant or you can take them online.


2. Complete Bundle

Buy all of the Compliance, Health and Safety or Performance Training courses in one great value package and receive unlimited benefits including our AI driven Learning Experience Platform, Astute.

1. Individual Pricing

Number of Learners Cost (per year)
1 - 10
£34.50 / per learner
11 - 20
£29 / per learner
21 - 50
£23 / per learner
51 - 100
£17.50 / per learner
101 - 150
£11.50 / per learner
Exchange rates are updated regularly but are only intended as a guide.

2. Complete Bundle Pricing

If you buy all the Compliance, Health & Safety or Performance Training in a complete bundle, all features come as standard, no matter the size of your organisation!
Number of Learners Cost (per year)
50 - 100
£34.50 / per learner
101 - 200
£29 / per learner
201 - 300
£24.50 / per learner
301 - 400
£21 / per learner
401 - 500
£17.50 / per learner
501 - 750
£14.50 / per learner
751 - 1000
£11.50 / per learner
1001 - 2500
£9.50 / per learner
2501 - 5000
£7 / per learner
5000 - 10,000
£6 / per learner
10,000 +

Included Features

  • All courses in our catalogue
  • Our Learning Experience Platform ‘Astute’
  • New courses added regularly
  • Branded, downloadable posters
  • Customise Course Content for Your Team
  • Regular course updates
  • Dedicated Account Manager
  • Unlimited help desk support
Exchange rates are updated regularly but are only intended as a guide. Prices are based on a 2 year contract.

Why You Need This Training

Under the General Data Protection Regulation (GDPR), the Right to be Forgotten outlines an organisation’s legal obligation to take all reasonable steps to erase customer data including by any and all third parties with whom the data may have been shared.

The right to be forgotten (Erasure) applies in specific situations such as when an individual withdraws their consent or objects. Erasure also outlines the additional measures necessary when handling children’s data.


If you have any questions that are not covered here, please get in touch.

Under Article 17 of the GDPR, individuals have the right to have their personal data erased from data controllers and processors who hold them. The right to be forgotten only applies in certain circumstances such as the personal data is no longer necessary for the purpose the organisation originally collected data for, the organisation has processed the data unlawfully and if the individual withdraws their consent or objects to legitimate interests as basis for processing their personal data, direct marketing purposes.

Under Article 12.3 of the GDPR, organisations must comply with a legitimate request for erasure without undue delay and at the latest within one month of receipt of the request. Organisations should calculate the time limit from the day they receive the request (whether it is a working day or not) until the corresponding calendar date in the next month. This timeframe can also be extended up to 60 days depending on the complexity of the request.

For businesses, erasure falls under the scope of compliance with the GDPR but also best practice for data management. Erasure works to encourages businesses to be transparent and consider their customers’ rights and needs. For customers who are supplying their personal data to businesses, knowing that a business is complying with erasure requests increases their trust.

If you have any feedback about our products please contact us at [email protected]

7 Day Instant FREE Trial