GDPR for Managers Online Training
GDPR for Managers Online Training
It is essential that your management team are fully trained in the GDPR so that they can make informed decisions regarding personal data handling in their day-to-day role. With the support of your Data Protection Officer or Privacy Point Person, your managers will have the appropriate level of knowledge required to uphold your privacy policies.
This Sovy Academy online training is written specifically for those in management roles, particularly those in senior management who are likely to make decisions regarding the processing of personal data.
In this course, learners will study the fundamentals of the GDPR, as well as in-depth information on roles and responsibilities and maintain a GDPR compliance programme.
This course requires an 80% pass rate in final assessment. Successful learners will receive a certificate of completion that is valid for one year. The course should be retaken annually to ensure your knowledge is up-to-date.
Who should take the GDPR for Managers online training?
This eLearning course is aimed at those in management roles within a business including senior management, board members and business owners, as well as people managers with some responsibility for personal data handling.
|Text and Image Screen: What is the GDPR?|
|Interactive Screen: Why is the GDPR a game changer? New rights for data subjects. Defining personal data. Aligning EU regulations. Fines and Penalties. Global Reach.|
|Interactive Screen: Established businesses under GDPR. Examples, Weltimmo v. NAIH and Google Spain, Google Inc. v. Mario Costeja Gonzalez.|
|Interactive Screen: Where the GDPR doesn't apply. Domestic use. Non-EU. Non-behavioural.|
|Text and Image Screen: Examples of personal data.|
|Text and Image Screen: Anonymised and pseudonymised data.|
|Text and Image Screen: Examples of special categories of personal data.|
|Text and Image Screen: What does it mean to 'process' personal data? Examples of data processing.|
|Knowledge Check: Scenario. Help Elena figure out whether her company needs to comply with the GDPR.|
|Interactive Screen: Different roles outlined in the GDPR. Data Subjects. Data Controller. Data Processor. Data Protection Authority.|
|Interactive Screen: What rights do Data Subjects have? Right to access. Right to Rectification. Right to Erasure. Right to Restrict Processing. Right to Notification. Right to Data Portability. Right to Object. Right not to be subject to automated decision-making.|
|Interactive Screen: Privacy notices and policies. Informing Data Subjects of their rights. What you need to describe in a privacy notice. Types of Data. Data Collection. Lawful Basis. Recipients. Retention. Rights. Transfers. Consent. Complaints. Automated Decision-Making.|
|Knowledge Check: Scenario - Peter's coffee shop. Fill in the blanks to identify different roles outlined in the scenario. Help Peter identify what personal data he collects.|
|Text and Image Screen: What is a lawful basis for processing? What it affects. Justifying your reasons. Demonstrating your knowledge.|
|Text and Image Screen: The Six Lawful Bases. Consent. Contract. Legal Obligation. Vital Interests. Public Task. Legitimate Interests.|
|Text and Image Screen: When to use consent as your lawful basis. What rights you need to provide Data Subjects when using consent.|
|Interactive Screen: Guidelines for using consent. Informed. Specific. Clearly and affirmatively given. Freely given. Demonstrable.|
|Text and Image Screen: When to use contract as your lawful basis. What rights you need to provide Data Subjects when using contract. Examples.|
|Text and Image Screen: When to use legal obligation as your lawful basis. What rights you need to provide Data Subjects when using legal obligation. Examples.|
|Text and Image Screen: When to use vital interests as your lawful basis. What rights you need to provide Data Subjects when using vital interests. Examples.|
|Text and Image Screen: When to use public task as your lawful basis. What rights you need to provide Data Subjects when using public task. Accountability.|
|Text and Image Screen: When to use legitimate interests as your lawful basis. What rights you need to provide Data Subjects when using legitimate interests. Examples.|
|Text and Image Screen: Legitimate Interests Assessment (LIA). Purpose. Necessity. Balancing. Consider interests of a third party and general societal benefits.|
|Text and Image Screen: Documenting your lawful bases. Updating privacy policies, notices and processing activities.|
|Knowledge Check: Examine the privacy notice and answer questions. Lawful basis for delivering goods. Lawful basis for profiling.|
|Text and Image Screen: Data Protection Authority summary. Powers of the DPA. Which DPA you should be familiar with.|
|Knowledge Check: Scenario - Help Jan understand and exercise his rights after being sent marketing emails.|
|Text and Image Screen: Data Protection Officer responsibilities. Maintaining standards. Liason for Data Protection Authority. Do I need a DPO? Systematic monitoring. Large-scale processing of special category data. Designated Representative. Qualified, management level.|
|Interactive Screen: The DPO Jon. Qualifications. Task. Structure. Third Party Transfers.|
|Interactive Screen: Scenario - Claire's new role as a DPO. What steps Claire takes. Data mapping. Security review. Policy review. Review contracts. Record processing activities. Conduct a DPIA. Train employees.|
|Knowledge Check: 5 true or false questions on the role of a DPO. Sort Claire's activities into order.|
|Formal assessment with 28 questions. A score of 80% or above is required to pass the course and receive a certificate.|