Cyber Security Training & Software for Companies | MetaCompliance


Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters



Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 

Financial Services

Creating A First Line Of Defence For Financial Service Organisations


A Go-To Security Awareness Solution For Governments


A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives



From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

MetaCompliance | Cyber Security Training & Software for Employees


With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes


Meet the MetaCompliance Leadership Team


Stay informed about cyber awareness training topics and mitigate risk in your organisation.

The Top 5 GDPR Myths

gdpr checklist

about the author

Share this post

The General Data Protection Regulation (GDPR) comes into force on the 25th May and will completely overhaul how businesses process and handle data and give individuals a greater control over who collects and processes their data, what it is used for, and how it is being protected.

Despite the May deadline edging ever closer, there are still a number of myths surrounding the GDPR that need dispelled.


Myth 1: Every company needs to appoint a DPO

This is false. Only certain organisations will need to appoint a Data Protection Officer (DPO) under the GDPR.

 You must appoint a DPO if:

  • you are a public authority
  • your core activities require large scale, regular and systematic monitoring of individuals
  • your core activities consist of large scale processing of special categories of data or data relating to criminal convictions and offences

The DPO should be an expert in GDPR and privacy practices, as they are responsible for the monitoring and reporting of GDPR compliance.

DPO’s are expected to help guide Data Controllers and Data Processors by auditing internal compliance and suggesting suitable corrective recommendations where necessary. DPO’s are also expected to act in an independent manner within the organisation.

Myth 2: GDPR only affects European companies

This is false. Although the GDPR is a European regulation, it has wider implications. It doesn’t matter where in the world you are located, if your company is based outside the EU but engages in business transactions with an individual based in Europe, then the GDPR will apply.

Similarly, if a business is headquartered outside the EU but has European operations, it must also comply. GDPR is about personal data and the locality of the person when their data is collected. This is what determines the applicability of the regulation.

Myth 3: GDPR won’t apply to the UK because of Brexit

This is false. The GDPR will still apply after Brexit. The GDPR is designed to regulate how organisations process and control the personal data of EU citizens, regardless of where they are located. The UK will not leave the European Union until April 2019 so European law will continue to apply within the UK.

Myth 4: Fines are the biggest threat to your business

This is False. Although organisations in breach of the GDPR can be faced with fines of up to 4% of annual global turnover or 20 Million Euros, there are a range of other problems non-compliant businesses face.

The GDPR requires that organisations disclose any personal data breaches to the relevant supervisory authority within 72 hours of detection.  If the breach results in a high risk of affecting an individual’s rights and freedoms, then the individual must also be notified with immediate effect.

This uncertainty and loss of data could result in customers leaving and switching to competitors. The loss of consumer confidence could in turn damage the reputation of a business and result in a loss of revenue.

Myth 5: Consent is the only way to process data

This is false. A large number of organisations are under the assumption that consent is the only legal basis for processing personal data. Consent is just one of six legitimate purposes that are required for all processing of personal data.

Under the GDPR, ‘lawful processing’ is only possible when:

  • There is consent from the data subject
  • Processing is necessary for the performance of a contract with the data subject
  • Processing is necessary to comply with a legal obligation
  • Processing is necessary to protect the vital interests of a data subject or another person
  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  • Processing is necessary for the purposes of legitimate interests pursued by the controller or a third party, except where interests are overridden by the interests, rights or freedoms of the data subject

If you are unsure if your business is on the right track to GDPR compliance, contact us to find out how we can help. MetaPrivacy has been specifically designed to provide the best practice approach to data privacy compliance.

Other Articles on Cyber Security Awareness Training You Might Find Interesting