GDPR Data Privacy Manager

Intensive course GDPR DPM (Data Privacy Manager)
from 16 June to 19 June2020
70 000
63 000
Early bird price (until 2 June)

Trained by us


  • Не можете выбрать рабочие инструменты для проектной группы?
  • Уже предприняли какие-то шаги по внедрению, но так и не довели до конца?
  • Озабочены релизом ISO 27701?
  • Готовитесь к международной сертификации CIPM, но материалов не хватает?

Данный курс ответит на эти и другие практические вопросы по реальному внедрению GDPR в вашей компании. Предназначен для тех, кто прошел основной курс GDPR Data Privacy Professional (GDPR DPP) и уже представляет, ЧТО нужно делать. Самое время разобраться, КАК это делать системно. собой практическое обучение по формированию и поддержанию полноценной системы защиты персональных данных.

По итогам курса вы сможете войти в состав или возглавить проектную команду по внедрению GDPR, сформировать и поддерживать полноценную систему защиты персональных данных и привести свою компанию к соответствию регламенту.

Who needs this course?

  1. Information security, business continuity and risk-management professionals who need to carry out their tasks in accordance with Articles 32 and 35 of the GDPR, e.g. implementing encryption, pseudonymization, or incident management.
  2. Lawyers and Compliance Officers who need to choose a lawful basis for data processing according to Article 6 of the GDPR, determine terms of storage (Article 5), joint controllers and processors using a Data Processing Agreement (Articles 26 and 28), write a privacy policy (Articles 13 and 14), initiate transfers of personal data (Articles 44 and 46).
  3. Business owners who need to change internal processes according to Article 5 of the GDPR, conduct a risk assessment (Article 35), designate a Data Protection Officer (Articles 37-39), form a project team (working group) to implement the GDPR or check an external consultant.
  4. System architects, designers, developers, or testers who need to fulfill privacy by design requirements according to Article 25 of the GDPR, e.g. minimize stored data, limit data retention, implement privacy by default, etc.
  5. HRs who also need to spread the new data protection policies requirements among employees and to follow GDPR rules themselves. They process personal data during recruitment, training, employee relations, payroll, benefits and other processes.
  1. Marketers and sales managers who deal with e-marketing and follow-up letters, push notifications, chatbots, cold calling, remarketing and retargeting, promotions, lead gen, etc. and need to have a lawful basis for all of these processes according to Article 5 of the GDPR, valid consent (Article 7), non-sensitive data (Article 9), and to provide the data subjects with all required information (Articles 13 and 14).
  2. Contact center staff who may face data subjects requests and need to distinguish types of requests, forward them to a privacy officer or to respond to them in accordance with Articles 15-22 of the GDPR. For instance, they need to provide the data subject with his/her data after proper identification process.
  3. Technical support and IT-infrastructure divisions who deal with Records of Processing Activities in accordance with Article 30 of the GDPR and need to tackle automatic data deletion and reservation (Articles 5, 25 and 32).
  4. Risk management divisions and financial departments who need to know how to budget the GDPR implementation next year (trainings, new employees, consulting services, software, fines) according to Articles 24 and 28 of the GDPR.
  5. Consultants in the field of personal data protection, information security and law who need to apply the provisions of the Regulation and to help their clients with any requests related to the GDPR. And make it without causing harm, of course!

After the course you can answer the following questions

privacy student
What systems and processes are necessary to implement in order to comply with the GDPR?
How to find the necessary resources?
privacy student
privacy student
How to put a project team together?
What measures should you take in the first place?
privacy student
privacy student
How to assess the effectiveness of the project team and the process of implementing the GDPR?


Siarhei Varankevich CIPP/E, CIPM, MBA
Co-Founder & CEO of Data Privacy Office LLC. Data Protection Trainer and Principal Consultant
MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM). Started to work with the GDPR draft version, in 2015, in Munich. Defended his MBA thesis about the Regulation, in Bremen, in 2016

Siarhei delivered hundreds of consultations on GDPR issues to companies around the world. He helped to implement the GDPR program as an external project manager in over 50 companies.

In LinkedIn



Клик на "" откроет описание каждого пункта.

Mission and strategy of privacy program
Principle of accountability
Identification of personal data within organization and applicable laws
Scope and chapter of privacy program
Positioning of personal data protection direction and Data Protection Officer in the organisation
Roles and responsibilities distribution between privacy program stakeholders
Development of internal standards, policies and guidencies
Defining privacy program activities
Communicating the framework to internal and external stakeholders
Metrics of privacy program
Assess and protect
Enterprise privacy risk assessment
Processors and third party vendors assessment
Data protection impact assessment (DPIA)
Data life cycle (creation to deletion)
Information Security
Sustain and align
Measure (costs of technical controls, data retention periods)
Integration of privacy requirements into functional areas across organization
Auditing: a) compliance with privacy policies and standards; b) integrity and quality of data; c) access, modification and disclosure of personal data
Communication (awareness and training of employees and contractors)
Responding to the requests from data subjects and supervisory authorities
Responding to privacy incidents

Online format

We use Zoom to organize the training. You can see the trainer and his screen, as well as ask him questions in real time using a mic or a webcam.

We will share with you an invitation link through a group chat in Telegram or WhatsApp.

Traditionally, the course is given from 9:00 to 16:00, with coffee breaks and a long lunch break from 12:00 to 13:00.

Technical requirements:

- mic and headphones;

- Internet connection for high-quality video call;

- Zoom app.

For maximum benefit, we recommend that you dedicate these days exclusively for the training.


Training format

4 full training days lasting 8 academic hours
Real cases and additional materials
GDPR DPM certificate


Standard fee:
70 000 RUB *
Early bird:
63 000 RUB *
Save money today!
*Minus VAT. For first 10 applications only









before the early bird ends!

Certificate on completion

Certificate in English recognizable in CIS. Attachment to certificate include the course program. Training is an organizational measure, and is a duty reflected in the General Data Protection Regulation, Articles 24, 25, 28, 32, and 39.

Sample Certificate GDPR Data Privacy Professional - GDPR DPM



Sign up