GDPR Data Privacy Manager

Intensive course GDPR DPM (Data Privacy Manager)
from 17 November to 20 November2020
09:00-16:00 MSK
70 000

Trained by us


  • Can't choose work tools for the project team?
  • Have you already taken any steps to implement, but have not yet been completed?
  • Concerned with the release of ISO 27701?
  • Get ready for international CIPM certification, but materials are scarce?

This course will answer these and other practical questions on the actual implementation of GDPR in your company. Designed for those who have taken the basic course GDPR Data Privacy Professional (GDPR DPP) and already have an idea WHAT to do. It's time to figure out HOW to do this systematically. The course is a practical training on the formation and maintenance of a complete personal data protection system.

Based on the results of the course, you will be able to join or lead the project team for the implementation of GDPR, form and maintain a full-fledged system for protecting personal data and bring your company in compliance with the regulations.

Who needs this course?

  1. Information security, business continuity and risk-management professionals who need to carry out their tasks in accordance with Articles 32 and 35 of the GDPR, e.g. implementing encryption, pseudonymization, or incident management.
  2. Lawyers and Compliance Officers who need to choose a lawful basis for data processing according to Article 6 of the GDPR, determine terms of storage (Article 5), joint controllers and processors using a Data Processing Agreement (Articles 26 and 28), write a privacy policy (Articles 13 and 14), initiate transfers of personal data (Articles 44 and 46).
  3. Business owners who need to change internal processes according to Article 5 of the GDPR, conduct a risk assessment (Article 35), designate a Data Protection Officer (Articles 37-39), form a project team (working group) to implement the GDPR or check an external consultant.
  4. System architects, designers, developers, or testers who need to fulfill privacy by design requirements according to Article 25 of the GDPR, e.g. minimize stored data, limit data retention, implement privacy by default, etc.
  5. HRs who also need to spread the new data protection policies requirements among employees and to follow GDPR rules themselves. They process personal data during recruitment, training, employee relations, payroll, benefits and other processes.
  1. Marketers and sales managers who deal with e-marketing and follow-up letters, push notifications, chatbots, cold calling, remarketing and retargeting, promotions, lead gen, etc. and need to have a lawful basis for all of these processes according to Article 5 of the GDPR, valid consent (Article 7), non-sensitive data (Article 9), and to provide the data subjects with all required information (Articles 13 and 14).
  2. Contact center staff who may face data subjects requests and need to distinguish types of requests, forward them to a privacy officer or to respond to them in accordance with Articles 15-22 of the GDPR. For instance, they need to provide the data subject with his/her data after proper identification process.
  3. Technical support and IT-infrastructure divisions who deal with Records of Processing Activities in accordance with Article 30 of the GDPR and need to tackle automatic data deletion and reservation (Articles 5, 25 and 32).
  4. Risk management divisions and financial departments who need to know how to budget the GDPR implementation next year (trainings, new employees, consulting services, software, fines) according to Articles 24 and 28 of the GDPR.
  5. Consultants in the field of personal data protection, information security and law who need to apply the provisions of the Regulation and to help their clients with any requests related to the GDPR. And make it without causing harm, of course!

After the course you can answer the following questions

privacy student
What systems and processes are necessary to implement in order to comply with the GDPR?
How to find the necessary resources?
privacy student
privacy student
How to put a project team together?
What measures should you take in the first place?
privacy student
privacy student
How to assess the effectiveness of the project team and the process of implementing the GDPR?


Siarhei Varankevich CIPP/E, CIPM, MBA
Co-Founder & CEO of Data Privacy Office LLC. Data Protection Trainer and Principal Consultant
MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM). Started to work with the GDPR draft version, in 2015, in Munich. Defended his MBA thesis about the Regulation, in Bremen, in 2016

Siarhei delivered hundreds of consultations on GDPR issues to companies around the world. He helped to implement the GDPR program as an external project manager in over 50 companies.

In LinkedIn



Клик на "" откроет описание каждого пункта.

Mission and strategy of privacy program
Principle of accountability
Identification of personal data within organization and applicable laws
Scope and chapter of privacy program
Positioning of personal data protection direction and Data Protection Officer in the organisation
Roles and responsibilities distribution between privacy program stakeholders
Development of internal standards, policies and guidencies
Defining privacy program activities
Communicating the framework to internal and external stakeholders
Metrics of privacy program
Assess and protect
Enterprise privacy risk assessment
Processors and third party vendors assessment
Data protection impact assessment (DPIA)
Data life cycle (creation to deletion)
Information Security
Sustain and align
Measure (costs of technical controls, data retention periods)
Integration of privacy requirements into functional areas across organization
Auditing: a) compliance with privacy policies and standards; b) integrity and quality of data; c) access, modification and disclosure of personal data
Communication (awareness and training of employees and contractors)
Responding to the requests from data subjects and supervisory authorities
Responding to privacy incidents

Training format

4 full training days lasting 8 academic hours
Real cases and additional materials
GDPR DPM certificate


70 000 RUB *
*Minus VAT. For first 10 applications only









before start!

Certificate on completion

Certificate in English recognizable in CIS. Attachment to certificate include the course program. Training is an organizational measure, and is a duty reflected in the General Data Protection Regulation, Articles 24, 25, 28, 32, and 39.

Sample Certificate GDPR Data Privacy Professional - GDPR DPM


This is an online course, so you can participate from all over the world!
Any questions?


Sign up