DPO
Implementation of personal data protection in accordance with GDPR and other EU regulations
NA number
+1 438 300-0575
EU
+49 157 3367 4291
Телефон в Беларуси
+375339115929
Телефон в Украине
+380 94 710-00-99
Call
NA number
+1 438 300-0575
EU
+49 157 3367 4291
Телефон в Беларуси
+375339115929
Телефон в Украине
+380 94 710-00-99
search
+49 157 33674291
EU
+1 (438) 300-05-75
Canada
+1 (438) 300-05-75
US
+7 958 498-32-48
Russia
+375 33 911-59-29
Belarus
+380 94 710-00-99
Ukraine
linkedin
Viber
telegram
facebook
Печать
Home/Training courses/GDPR Data Privacy Professional (GDPR DPP)

GDPR Data Privacy Professional

Intensive data protection course GDPR DPP (GDPR Data Privacy Professional).

4 days of training from 9:00-16:00

Open and corporate formats

Online, Minsk, Moscow, Kiev

English, Russian 

Why should I choose this training?

1. The only regular GDPR course in the CIS region, which has endured the test of time and is still relevant to clients' needs.

2. GDPR Data Privacy Professional is a recognizable and recognized brand in the CIS.

3. More than a 100 graduates of the course have become DPOs and work in Russia, Belarus, Ukraine, Moldova, the UK, Germany, Lithuania, Latvia, Estonia and Cyprus.

4. The author and trainer of the course Siarhei Varankevich is the only CIPP/E (Certified Information Privacy Professional/Europe) and CIPM (Certified Information Privacy Manager) in the CIS (as of 2019).

5. Siarhei dealt with the GDPR in Germany and then, after returning to the Eastern Europe, with his team led more than 50 companies to comply with the GDPR. Therefore, our course is based on practice.

6. In addition to cases, Siarhei actively uses diagrams, flowcharts, practical exercises in mini-groups and simple metaphors.

7. You don't need to have a legal or technical background!

Description

  1. Your European partner asked “Are you GDPR compliant?
  2. You suspect that you may violate the Regulation, and face a 20 million fine, but you are not sure?
  3. You want to make sure to take the right steps in data protection?
  4. Your app faces removal from the Google Play Market or the App Store?
  5. You received a request to delete data?

These and other situations are a sign that it is time to take the GDPR seriously, but here is the problem. You started reading the Regulation, and nothing is clear. So many articles and recitals written in a complex language. So you do not know where to start, and you do not know exactly what to do in your organization. In addition, you do not have 2-3 years to understand all the nuances of the Regulation, explanations of numerous supervisory bodies, and judicial precedents.

 

Our course will help you:

  • Get answers to all these and many other questions;
  • Save years of self-study;
  • Start navigating the Regulation, and understanding the whole system;
  • Understand what specific measures need to be done in your organization;
  • Take the first steps in a new profession - Data Privacy Professional!
  • Apps and cloud solutions;
  • Outsourcing companies in IT;
  • E-shops;
  • Social networks;
  • Banks;
  • Medical and pharmaceutical companies;
  • Event agencies.
More
Hide

For whitch companies?

Outside the EU (in Belarus, Ukraine, Russia, etc.) the following organizations, working with personal data of people based in the EU, shall comply with the new GDPR:

  • Apps and cloud solutions;
  • Outsourcing companies in IT;
  • E-shops;
  • Social networks;
  • Banks;
  • Medical and pharmaceutical companies;
  • Event agencies.
  • Apps and cloud solutions;
  • Outsourcing companies in IT;
  • E-shops;
  • Social networks;
  • Banks;
  • Medical and pharmaceutical companies;
  • Event agencies.
More
Hide

Who needs this course?

  1. Information security, business continuity and risk-management professionals who need to carry out their tasks in accordance with Articles 32 and 35 of the GDPR, e.g. implementing encryption, pseudonymization, or incident management.
  2. Lawyers and Compliance Officers who need to choose a lawful basis for data processing according to Article 6 of the GDPR, determine terms of storage (Article 5), joint controllers and processors using a Data Processing Agreement (Articles 26 and 28), write a privacy policy (Articles 13 and 14), initiate transfers of personal data (Articles 44 and 46).
  3. Business owners who need to change internal processes according to Article 5 of the GDPR, conduct a risk assessment (Article 35), designate a Data Protection Officer (Articles 37-39), form a project team (working group) to implement the GDPR or check an external consultant.
  4. System architects, designers, developers, or testers who need to fulfill privacy by design requirements according to Article 25 of the GDPR, e.g. minimize stored data, limit data retention, implement privacy by default, etc.
  5. HRs who also need to spread the new data protection policies requirements among employees and to follow GDPR rules themselves. They process personal data during recruitment, training, employee relations, payroll, benefits and other processes.
  6. Marketers and sales managers who deal with e-marketing and follow-up letters, push notifications, chatbots, cold calling, remarketing and retargeting, promotions, lead gen, etc. and need to have a lawful basis for all of these processes according to Article 5 of the GDPR, valid consent (Article 7), non-sensitive data (Article 9), and to provide the data subjects with all required information (Articles 13 and 14).
  7. Contact center staff who may face data subjects requests and need to distinguish types of requests, forward them to a privacy officer or to respond to them in accordance with Articles 15-22 of the GDPR. For instance, they need to provide the data subject with his/her data after proper identification process.
  8. Technical support and IT-infrastructure divisions who deal with Records of Processing Activities in accordance with Article 30 of the GDPR and need to tackle automatic data deletion and reservation (Articles 5, 25 and 32).
  9. Risk management divisions and financial departments who need to know how to budget the GDPR implementation next year (trainings, new employees, consulting services, software, fines) according to Articles 24 and 28 of the GDPR.
  10. Consultants in the field of personal data protection, information security and law who need to apply the provisions of the Regulation and to help their clients with any requests related to the GDPR. And make it without causing harm, of course.

Trainer

Siarhei Varankevich CIPP/E, CIPM, MBA
Siarhei Varankevich CIPP/E, CIPM, MBA
Siarhei Varankevich. Certified Information Privacy Professional / Europe (CIPP/E) Certified Information Privacy Manager (CIPM)
Founder of Data Privacy Office LLC. Data Protection Trainer and Principal Consultant
MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM). Started to work with the GDPR draft version, in 2015, in Munich. Defended his MBA thesis about the Regulation, in Bremen, in 2016

Siarhei delivered hundreds of consultations on GDPR issues to companies around the world. He helped to implement the GDPR program as an external project manager in over 50 companies.

In LinkedIn

Guest Expert

If they are available, we can invite one of these experts to cover a highly specialized topic.

Sergei Tchernyshenko CIPT, GDPR DPP
Sergei Tchernyshenko CIPT, GDPR DPP
Certified Information Privacy Technologist CIPT GDPR Data Privacy Professional (GDPR DPP)
Trainer in data protection technology and information security management
Certified Information Privacy Technologist (CIPT), GDPR Data Privacy Professional (GDPR DPP). Professional in the field of IT infrastructure, information security, risk management, and business continuity. Chief Information & Data Protection Officer, and member of the Directors Council at Intetics Inc.

Member of the International Association of Privacy Professionals (IAPP)

Olga Zavalniuk CIPP/E, CIPP/US
Olga Zavalniuk CIPP/E, CIPP/US
Сертификат Ольги Olga Zavalniuk. Certified Information Privacy Professional / US (CIPP/US) GDPR Data Privacy Professional (GDPR DPP)
Senior Consultant DPO LLC, Data Protection Officer
Expert in Data Privacy, Certified Information Privacy Professional (CIPP/E & CIPP/US - Europe & United States), member of International Association of Privacy Professionals (IAPP)

Olga provides consulting services, as well as external DPO support. Her practical experience in implementing the principles and concepts of personal data protection into day-to-day business acquired in the United States and subsequent work with European and former-USSR companies allows her to find solutions for a wide spectrum of clients.

Georg Philip Krog Cand. Jurd., LLM
Georg Philip Krog Cand.jur., LLM
Co-Founder of Signatu, Chief Legal Counsel, Cand.jur. and LL.M. Past: Researcher at the Faculty of Law, in Oslo, and Max Planck Institut, in Hamburg, and Fulbright Scholar at Harvard Law School and Stanford Law School

After the course you will be able to answer the following questions

privacy student
What is privacy?
How to define personal data under the GDPR?
privacy student
privacy student
What legal ground is necessary for collection of personal data and how long you can store it?
Who, how and when should be designated as Data Protection Officer?
privacy student
privacy student
How is risk assessment (DPIA) carried out?
What shall you write in your Privacy policy?
privacy student
privacy student
What should you do in case of data breaches?

Program

Click on"" to see details.

PRIVACY
The definition of privacy, information privacy and data protection. Types of information privacy
History of data privacy
Taxonomy of privacy by Daniel Solove
Social role of data privacy
Data protection law evolution overview
LAW
Data protection law acts, standards and regulations which are in force
Data privacy cases, precedents, guidelines
The Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data №108
EU Directive 96/46
OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
EU members data protection law overview
GDPR
EU current data protection regulatory framework (GDPR+) overview
EU GDPR history
GDPR territorial and material scope
GDPR text structure (recitals, business related articles ect.)
GDPR related acts overview
Cases and precedents
Article 29 Working Group (Art29WP) and European Data Protection Board (EDPB) guidelines and opinions
National supervisory authorities (SAs) guidelines
Mapping of the Belarusian, Ukrainian and Russian data protection laws to the rules applicable in EU
Overview of risks, fines, responsibilities related to personal data processing
CONCEPT OF PERSONAL DATA
The concepts of personal data (PD), identifier, data subject
Biometric data
Formula of Persomal Data "(id-x)+info"
Cases of (non-)personal data
DATA PROCESSING. DATA CONTROLLERS AND PROCESSORS
Data processing and types of processing.
Profiling
Personal data anonymisation and pseudonymisation
Processing of special categories of personal data
Processing of children data
Data controller, joint controllers or separate controllers
Data processor
Responsibilities distribution between data controllers and processors
GDPR PRINCIPLES
Lawfulness and fairness of processing
Transparency of processing
Purpose limitation
Data minimisation
Storage limitation
Data accuracy
Integrity and confidentiality
Accountability
LAWFUL BASIS FOR PROCESSING
Review of six lawful bases for processing
Consent
Conditions for consent
Getting consent in UX
Contract
Legal obligation
Vital interest
Public interest
Legitimate interest
Balancing test of Legitimate Interest Assessment (LIA)
DATA SUBJECT RIGHTS
Modalities for exercise of the rights of the data subject
Right to information about processing
(Ru) Почему шаблон политики приватности вам не подойдет?
Right to access personal data
Right to rectification
Right to restriction of processing
Right to be forgotten (right to erasure)
Right to data portability
Right to object
Right to not be subject of automated decision-making
Data subject rights restriction
Nightmare letter from data subject case
DPIA AND PRIVACY RISK MANAGEMENT
Check-box approach vs risk based approach
Concept of risk
Risk likelihood and severity
GDPR terminology related to risks (high risk, likely etc.)
Data Protection Impact Assessment (DPIA) requirements
When you need DPIA
BIA (Business Impact Assessment) or SIA (Security Impact Assessment) as triggers for DPIA
Describing processing operations, personal data and supporting assets
Legal and risk-treatment controls
Risk sources, feared events, threats and risks
DPIA tools
INFORMATION SECURITY
GDPR requirements
Data breach notification of supervisory authorities and data subjects
Technical and organisational measures of managing information security risks
TRANS-BORDER TRANSFERS OF PERSONAL DATA
GDPR data transfers rules overview
Data transfers documenting
Data Processing Agreement (DPA)
Binding Corporate Rules (BCR)
Standard Contractual Clauses (SCC)
Codes of conduct and certifications
Data transfers derogations for specific situations
PRIVACY BY DESIGN
"Privacy by Design. The 7 foundational principles" by Ann Cavoukian review
Privacy by Default
Embeded Privacy
Full functionality - positive-sum
End-to-End Security - Lifecycle Protection
Data Protection Officer (DPO) and EU representative
Representative in EU
Data Protection Officer

Schedule

Place
Trainer
Siarhei Varankevich
Language
Russian
Place
Online
Format
Open format
Data
27 October - 30 October 09:00-16:00
Price
500 EUR
Trainer
Siarhei Varankevich
Language
Russian
Place
Kiev
Format
Open format
Data
3 November - 6 November 09:00-16:00
Price
19500 UAH
Trainer
Siarhei Varankevich
Language
Russian
Place
Online
Format
Open format
Data
8 December - 11 December 09:00-16:00
Price
500 EUR 450 EUR to 8 November
Trainer
Siarhei Varankevich
Language
Russian
Place
Online
Format
Open format
Data
9 February - 12 February 09:00-16:00
Price
500 EUR 450 EUR to 9 January
Trainer
Siarhei Varankevich
Language
Russian
Place
Online
Format
Open format
Data
6 April - 9 April 09:00-16:00
Price
500 EUR 450 EUR to 6 March
Trainer
Siarhei Varankevich
Language
Russian
Place
In recording
Format
Open format
Data
All time
Price
1100 BYN

Training format

4 full training days lasting 8 academic hours
8 practical exercises
32 real cases
4 color schemes
700 additional materials
87 test questions
1 GDPR DPP certificate for anyone, who passed the test

Online format

We use Zoom to organize the training. You can see the trainer and his screen, as well as ask him questions in real time using a mic or a webcam.

We will share with you an invitation link through a group chat in Telegram or WhatsApp.

Traditionally, the course is given from 9:00 to 16:00, with coffee breaks and a long lunch break from 12:00 to 13:00.

Technical requirements:

- mic and headphones;

- Internet connection for high-quality video call;

- Zoom app.

For maximum benefit, we recommend that you dedicate these days exclusively for the training.

More
Hide

Hurry up!

Online, Russian, Siarhei Varankevich, 27 October - 30 October, Open format
500 EUR *
*Minus VAT.

Certificate on completion

Certificate in English recognizable in CIS. Attachment to certificate include the course program. Training is an organizational measure, and is a duty reflected in the General Data Protection Regulation, Articles 24, 25, 28, 32, and 39. 

DPO Club

DPO Club membership

In case of successful completion of the course, you can join the DPO Club, a closed information privacy professionals community. General online meetings takes place every month. You can share your own experience and discuss the latest trends with other members at these meetings. There are more than 150 club members now. Our numbers grow stronger by the day!

Trained by us

Feedback

Epol Soft, LLC feedback
V. Tsilind
Director of Epol Soft, LLC
We got a full information about GDPR and drew up the plan of action for GDPR-compliance status. We got all the information with real cases and situations from our practice, with links to reliable sources in an accessible form.
Effective Soft, LLC feedback
Y. Shirokanov
Director of Effective Soft, LLC
The training on GDPR helps the leadership and staff of our company to estimate situation and to answer the questions about the necessity of implementation of new approaches, the sphere of the GDPR activity, risks and priorities in preparation for GDPR.
Intetics Belarus feedback
Valentin Kontsevoi
Director of Intetics Belarus
We especially want to mention the high qualification of Siarhei Varankevich, the trainer for this course. The strength of the teacher lies in his openness and his ability to establish contact with the audience, engage students and maintain interest in the subject matter.
Mobile Service, LLC feedback
Yu. V. Levdansky
Director of Mobile Service, LLC
In order to meet the needs of our clients one of our employees was sent to the Business School «TopSkills» from 16 January to 19 of January 2018 to attend the course «Data protection under GDPR», after the successful completion of which he received the certificate «Data Privacy Professional (GDPR DРР)».In this regard, we express our gratitude to the trainer and consultant Siarhei Varankevich, as well as to the entire team of «TopSkills» for their unique knowledge, professionalism and skill in the presentation of material, a systematic, competent and informative approach to the learning process.
ANP, LLC feedback
A. Pichugina
Director of ANP, LLC
It is worth mentioning the remarkable organization of the course: availability of handouts, clarity, and interactivity of information presentation, comfortable atmosphere. A small number of students in the group allows the trainer to pay attention to each of them.
Ketenci Law Minsk Office feedback
Yulia Krivorot
Director of Ketenci Law Minsk Office
The leadership of Ketensi Law Minsk Office attended the course «Data protection under GDPR» during the period from 15 January to 18 January 2019 to meet the needs of their clients from the EU. This course helps to understand in detail the main provision of GDPR, realize the need for introduction of new approaches, weigh the risks and priorities in accordance with the rules of GDPR.
I-Teco Company feedback
Igor Zhelezniak
Head of consulting department of I-Teco Company
The team of I-Teco Company expresses sincere gratitude to the Data Privacy Office for the high quality presentation and useful GDPR cases.
Positive Technologies feedback
Artyom Bystrov
Lawyer
As a lawyer, I really liked the Data Privacy Technology course. The DPP course in Russia was not as qualified as they could. I believe the best courses on GDPR. Moreover, Sergey Voronkevich perfectly understood that everyone has an opportunity. Very useful schemes - they allow you to visually memorize information and remember it in seconds.
Positive Technologies feedback
Kristina Goncharenko
Senior Legal Counsel
I want to thank colleagues from Data Privacy Office for their professionalism, customer focus, excellent organization, as well as flexibility and sensitivity in relation to all students in the courses. Data Privacy Professional courses provide the foundation for GDPR, all information is given in a structured, understandable way. I believe that at the moment these are the best GDPR rates that exist on the Russian market.
LetyShops
Elena Makarenko
Product Lawyer at LetyShops
I took the course after quite a long study of the Regulations. I can say that knowledge was detailed and deepened unambiguously. Moreover, the position given on the course correlates with the positions of the EU national data protection regulators, i.e. it can be assumed that this very “interpretation” of the Rules is correct and will help to avoid future troubles.
Global University Systems GUS
Ilya Nazarov
Head of digital competence centre в Global University Systems GUS
For work tasks, the task of deep immersion in the subject of GDPR arose. The search for courses showed that the only organization specialized in consulting and education on this topic is Data Privacy Office. Further my estimates  1. The process of organizing training – 5 out of 5. Special thanks to Pauline.  2. Direct […]
IPChain Association
Mikhail Bass
Senior lawyer в IPChain Association
I really want to thank the organizers of the course "GDPR Data Privacy Professional (GDPR DPP)" and personally Sergey Voronkevich, who is very accessible and at the same time professionally teaches such complex things as Data Privacy. Thanks to careful processing and adaptation, the material is really easy to digest.  I also want to express my special thanks to Anton Poddubitsky for his assistance and assistance in organizing the course.
LLC “Svyaz VSD”
O.S. Ermakova
Senior Legal Advisor and Compliance Specialist
We would like to separately thank you for the training program “GDPR Data Privacy Professional (GDPR DPP)” organized by you. Among the many advantages of the program, we would like to highlight the significant experience in the field of privacy protection and the high professionalism of the trainer S. Voronkevich. We hope for continued cooperation and will certainly recommend the company Date Privacy Office as a reliable and highly professional business partner.
Azati feedback
Stanislau Burba
Deputy director of Azati, LLC
During this short but extremely informative course, our trainer managed to form a vision for our team about the personal data. From the practical side, he explained what we have to do to comply with the GDPR requirements. We had high expectations, but the course surpassed them. Trainer sowed seeds for our further deepening in the subject of a competent approach to working with personal data.
Motor Sich Airlines feedback
Gennadiy Maslov
CEO of Motor Sich Airlines
The team of Motor Sich Airlines would like to note the wonderful organization of the course, the presence of handouts, the visibility and interactivity of the presentation of information, a comfortable atmosphere.
Altoros Development, LLC feedback
D. Lazovskii
Deputy director of Altoros Development, LLC
The unique knowledge and individual approach during the training of our staff allow to speak about high professionalism of the Business School «TopSkills». We must also mention high professionalism of a trainer Siarhei Varankevich. We thank for a systemic and informative approach to the training process, presentation of material in accessible form and practical guidance. This course allows us not only to minimize potential risks, related to new requirements of European legislation, but to form own expert team which helps our clients with processing of personal data questions.

Apply

Sign up








Services
Company
Contacts
+49 157 3367 4291
EU
+1 (438) 300-05-75
US
+1 (438) 300-05-75
Canada
+7 (958) 498-32-48
Russia
+375339115929
Belarus
+380 94 710-00-99
Ukraine
Our social networks
linkedin
facebook
Печать
© LLC DPO. All rights reserved.

All third party trademarks (including logos and icons) referenced remain the property of their respective owners.

Privacy Policy
Limited Liability Company "Data Privacy Office"
Registration number 193051454
The course is loading, wait a few seconds