Join This Course
- 12 months access
- Certificate on completion
- Proven eLearning platform
- Optimised for mobile devices and desktop
As a general best practice, every organisation should appoint a person responsible for data privacy. The GDPR requires certain organisations to appoint Data Protection Officer. DPO is accountable for data privacy and compliance with the GDPR within their organisation. Even those who are not required to appoint a DPO should consider appointing a Privacy Manager to take responsibility for data privacy in the organisation.
The GDPR for Privacy Managers online training is written by experts in the GDPR and global data privacy legislation. It concentrates on the key aspects of the EU GDPR and UK GDPR which a DPO needs to be aware of in order to do their job.
Because the privacy managers need to be highly knowledgeable and skilled in their areas, the GDPR for Privacy Managers online training has a final assessment with 80% pass rate. Successful trainees will receive a certificate which is valid for one year and will need to retake the course annually.
Who should take the GDPR for Privacy Managers online training?
This training is recommended for those with direct responsibility for data protection in an organisation, including Data Protection Officers, Compliance Officers and Privacy Managers.
Course Agenda
Text and Image Screen: What is the GDPR? |
Interactive Screen: Why is the GDPR a game changer? New rights for data subjects. Defining personal data. Aligning EU regulations. Fines and Penalties. Global Reach. |
Interactive Screen: Established businesses under GDPR. Examples, Weltimmo v. NAIH and Google Spain, Google Inc. v. Mario Costeja Gonzalez. |
Interactive Screen: Where the GDPR doesn't apply. Domestic use. Non-EU. Non-behavioural. |
Text and Image Screen: Examples of personal data. |
Text and Image Screen: Anonymised and pseudonymised data. |
Text and Image Screen: Examples of special categories of personal data. |
Text and Image Screen: What does it mean to 'process' personal data? Examples of data processing. |
Knowledge Check: Scenario. Help Elena figure out whether her company needs to comply with the GDPR. |
Interactive Screen: Different roles outlined in the GDPR. Data Subjects. Data Controller. Data Processor. Data Protection Authority. |
Interactive Screen: What rights do Data Subjects have? Right to access. Right to Rectification. Right to Erasure. Right to Restrict Processing. Right to Notification. Right to Data Portability. Right to Object. |
Interactive Screen: Privacy notices and policies. Informing Data Subjects of their rights. What you need to describe in a privacy notice. Types of Data. Data Collection. Lawful Basis. Recipients. Retention. Rights. Transfers. Consent. Complaints. Automated Decision-Making. |
Text and Image Screen: How information should be presented in a privacy notice or privacy policy. Clearly. In plain language. Before or at the time you collect the data. Easily accessible. Do not hide your privacy policy. |
Text and Image Screen: Privacy policy techniques. Layered approach. Privacy dashboards. Just-in-time notices. Icons. Mobile-friendly. |
Knowledge Check: Scenario - Peter's coffee shop. Fill in the blanks to identify different roles outlined in the scenario. Help Peter identify what personal data he collects. |
Text and Image Screen: What is a lawful basis for processing? What it affects. Justifying your reasons. Demonstrating your knowledge. |
Text and Image Screen: The Six Lawful Bases. Consent. Contract. Legal Obligation. Vital Interests. Public Task. Legitimate Interests. |
Text and Image Screen: When to use consent as your lawful basis. What rights you need to provide Data Subjects when using consent. |
Interactive Screen: Guidelines for using consent. Informed. Specific. Clearly and affirmatively given. Freely given. Demonstrable. |
Text and Image Screen: When to use contract as your lawful basis. What rights you need to provide Data Subjects when using contract. Examples. |
Text and Image Screen: When to use legal obligation as your lawful basis. What rights you need to provide Data Subjects when using legal obligation. Examples. |
Text and Image Screen: When to use vital interests as your lawful basis. What rights you need to provide Data Subjects when using vital interests. Examples. |
Text and Image Screen: When to use public task as your lawful basis. What rights you need to provide Data Subjects when using public task. Accountability. |
Text and Image Screen: When to use legitimate interests as your lawful basis. What rights you need to provide Data Subjects when using legitimate interests. Examples. |
Text and Image Screen: Legitimate Interests Assessment (LIA). Purpose. Necessity. Balancing. Consider interests of a third party and general societal benefits. |
Text and Image Screen: Documenting your lawful bases. Updating privacy policies, notices and processing activities. |
Knowledge Check: Examine the privacy notice and answer questions. Lawful basis for delivering goods. Lawful basis for processing. |
Text and Image Screen: Data Protection Authority summary. Powers of the DPA. Which DPA you should be familiar with. |
Knowledge Check: Scenario - Help Jan understand and exercise his rights after being sent marketing emails. |
Text and Image Screen: Data Protection Officer responsibilities. Maintaining standards. Liason for Data Protection Authority. Do I need a DPO? Systematic monitoring. Large-scale processing of special category data. Designated Representative. Qualified, management level. |
Interactive Screen: The DPO Jon. Qualifications. Task. Structure. Third Party Transfers. |
Interactive Screen: Scenario - Claire's new role as a DPO. What steps Claire takes. Data mapping. Security review. Policy review. Review contracts. Record processing activities. Conduct a DPIA. Train employees. |
Knowledge Check: 5 true or false questions on the role of a DPO. Sort Claire's activities into order. |
Formal assessment with 29 questions. A score of 80% or above is required to pass the course and receive a certificate.