Home/Training courses/GDPR Data Privacy Professional (GDPR DPP)

GDPR Data Privacy Professional

Data protection training for beginners delivered by CIPP/E, CIPM, CIPT, FIP certified trainer.

Date: January 17 - February 2

Open and corporate formats

Online

English, Russian languages of instruction

Why should I choose this training?

Intensive data protection course GDPR DPP has withstood the test of time and is still relevant to clients' needs. Why? We upgrade the course with new information, news and cases every month. We try to keep our students up to date.
More than 2000 graduates of the course have become DPOs and work in the UK, Germany, Lithuania, Latvia, Estonia and CIS.

The author and trainer of the course Siarhei Varankevich started his journey in the GDPR world in Germany. Now he is a Certified Information Privacy Professional/Europe (CIPP/E), Certified Information Privacy Manager (CIPM), CIPT (Certified Information Privacy Technologist) and IAPP Fellow of Information Privacy (FIP).
Our course is based on practice. Of course, you will learn theory but only using modern technologies like diagrams, flowcharts. Siarhei shares his own methodology with students. Key point of the course is practical knowledge. Together we will solve 32 cases from our clients and world-known corporations.
One man, no man. Making first steps alone in the privacy sphere can lead you to many mistakes and misunderstanding. Our course is recognized by our clients because of unique knowledge and strong network, which you can get. Once you are our student - forever our partner. All our students are invited in our virtual networking space where you can communicate with other experts, find answers to your questions, get exclusive offers and grow!
You don't need to have a legal or technical background! Do not be afraid if you are a beginner. Siarhei can explain everything in simple words and help you to go through difficult moment

Description

Nevertheless, GDPR came into force in 2018, still there are lots of questions and not many qualified specialists that can protect companies from paying fines and data breaches. We are sure, you can find yourself in such questions:

Do I make the right steps in data protection?
Don’t I violate the Regulation?
Why do clients request to delete data?
Why was our app removed from the Google Play Market or the App Store?

These and other situations are a sign that it is time to take the GDPR into consideration. Data privacy is a rather serious topic, any mistake can lead to millions in fines and lose a company's reputation. But only if the company does not have a professional who can manage the data and make business friendly for clients. GDPR Data Privacy Professional course is not about separate pieces of information that you should learn. GDPR DPP is about methodology and how it works, it is your step-by-step path to data compliance. We open you a door to the actual and well-paid profession. What are you waiting for?

By the end of the course, you will:

Understand how to succeed in a privacy sphere
Implement GDPR concepts in your workflow
Help your company save millions EUR avoiding paying fines
Have already made your first step in a new profession - Data Privacy Professional!

Hide

For which companies?

First of all, the following companies must comply with the GDPR:

Apps and cloud solutions;
Outsourcing companies in IT;
E-shops;
Social networks;
Banks;
Medical and pharmaceutical companies;
Event agencies;
Apps and cloud solutions;
Outsourcing companies in IT.

Trainer

Siarhei Varankevich CIPP/E, CIPM, CIPT, MBA, FIP

Certified Information Privacy Technologist CIPT

Founder of Data Privacy Office LLC. Data Protection Trainer and Principal Consultant
MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT). Started to work with the GDPR draft version, in 2015, in Munich. Defended his MBA thesis about the Regulation, in Bremen, in 2016. In 2020, he was awarded the title of IAPP Fellow of Information Privacy (FIP) thanks to the recommendations of respected experts.

Siarhei delivered hundreds of consultations on GDPR issues to companies around the world. He helped to implement the GDPR program as an external project manager in over 50 companies.

On LinkedIn

After the course you will be able to answer the following questions

What is privacy?

How to define personal data under the GDPR?

What legal ground is necessary for collection of personal data and how long you can store it?

Who, how and when should be designated as Data Protection Officer?

How is risk assessment (DPIA) carried out?

What shall you write in your Privacy policy?

What should you do in case of data breaches?

Program

Click on"＋" to see details.

PRIVACY

Concepts of privacy, data privacy, data protection. Types of privacy.

History of data privacy

Taxonomy of privacy by Daniel Solove

Social implications of data privacy

Overview of evolution of privacy laws

LAW

Review of existing data privacy laws, standards and regulations

Сases, court precedents, guidelines in information privacy

The Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data №108

Directive 96/46

GDPR

Overview of present regulatory framework of data protection in EU (GDPR+)

History of EU General Data Protection Regulation (GDPR)

Territorial and material scope of GDPR

Structure of GDPR text (recitals, business related articles etc)

Overview GDPR related acts

National data privacy legislation

Legal precedents

Guidelines and opinions of Article 29 Working Group (Art29WP) / European Data Protection Board (EDPB)

Guidelines of national supervisory authorities (SAs)

Overview of risks, fines, responsibilities related to personal data processing

Mapping of the Belarusian, Ukrainian and Russian data protection laws to the rules applicable in EU.

CONCEPT OF PERSONAL DATA

The concepts of personal data (PD), identifier, data subject

Formula of Persomal Data "(id-x)+info"

Cases of (non-)personal data

Biometric data

DATA PROCESSING. DATA CONTROLLERS AND PROCESSORS

Data processing and types of processing.

Profiling

Pseudonymisation

Anonymisation

Processing of special categories of personal data

Processing of children's data

Data controller, joint controllers or separate controllers

Data processor

Responsibilities distribution between data controllers and processors

PRINCIPLES

Transparency of processing

Purpose limitation

Data minimisation

Storage limitation

Accuracy

Integrity and confidentiality

Accountability

LAWFUL BASIS FOR PROCESSING

Consent

Conditions for consent

Getting consent in UX

Contract

Legal obligation

Vital interest

Public interest

Legitimate interest

Balancing test of Legitimate Interest Assessment (LIA)

DATA

Modalities for exercise of the rights of the data subject

Right to information about processing

(Ru) Почему шаблон политики приватности вам не подойдет?

Right to access personal data

Right to rectification

Right to restriction of processing

Right to be forgotten

Right to data portability

Right to object

Right to not be subject of automated decision-making

Data subject' rights restriction

Case “Nightmare letter from data subject”

DPIA AND PRIVACY RISK MANAGEMENT

Check-box approach vs risk based approach

Concept of risk

Risk likelihood and severity

GDPR terminology related to risks (high risk, likely etc)

Data Protection Impact Assessment (DPIA) requirement under GDPR

When DPIA is mandatory

BIA (Business Impact Assessment) or SIA (Security Impact Assessment) as triggers for DPIA

General approach to conduct DPIA

Describing processing operations, personal data and supporting assets

Legal and risk-treatment controls

Risk sources, feared events, threats and risks

Tools for Data Protection Impact Assessment

INFORMATION SECURITY

GDPR requirements to information security

Data breach notification of supervisory authorities and data subjects

Technical and organisational measures of managing information security risks

TRANS-BORDER TRANSFERS OF PERSONAL DATA

Overview of GDPR rules on cross-border data flow

Documenting international transfers of personal data

Data Processing Agreement

Binding Corporate Rules

Standard Contractual Clauses

Codes of conduct and certifications

Derogations relating to cross-border data transfers for specific situations

PRIVACY BY DESIGN

The 7 foundational principles of privacy by design by Ann Cavoukian

Privacy by Default

Privacy embedded into design

Full functionality - positive-sum

End-to-End Security - Lifecycle Protection

Data Protection Officer (DPO) and EU representative

Representative in EU

Data Protection Officer / DPO

Program

Training format

9 hours per week

8 practical exercises

32 real cases

Individual mentoring support

700 additional materials

87 test questions

1 GDPR DPP certificate for everyone, who passed the test

Online format

We use Zoom to organize the training. You can see the trainer and his screen, as well as ask him questions in real time using a mic or a webcam.

We will share with you an invitation link through a group chat in WhatsApp.

Technical requirements:

- mic and headphones;

- Internet connection for high-quality video call;

- Zoom app.

For maximum benefit, we recommend that you dedicate these days exclusively for the training.

Hide

Certificate

Training is an organizational measure, and is a duty reflected in the General Data Protection Regulation, Articles 24, 25, 28, 32, and 39. Our recognizable certificate confirms your knowledge and ability to work as DPO specialist. We also attach the course program to certificate.