Course Outline

What is the GDPR

  • What is personal data / sensitive data
  • Picking your team
  • Understanding GDPR terms
  • Privacy by design and privacy by default

Appointing a team

  • Choosing the people to help with GDPR (legal, marketing, IT, hr)
  • What is a DPO and do you need one


  • Determine if its personal datata
  • Who can access data
  • How and where data is stored i.e. electronically or paper-based
  • Securing data

Rights and obligations

  • Data Subjects and their rights
  • Controller’s obligations
  • Processor’s obligations
  • Dealing with data requests
  • International data transfers
  • What is a data breach
  • Fines and penalties
  • Third-party services
  • Internatinal data transfers

Developing policies and procedures (legal issues)

  • Creating a data privacy policy for employees and clients
  • Document legal basis for having the data
  • Establish codes of conduct for collecting and handling data
  • Examine outside third-party contracts with other suppliers


  • Updating data – you need to ensure data you hold is updated
  • Update privacy notices and procedures as GDPR changes
  • Update contracts as needed.


There are no specific requirements needed to attend this course.

 7 Hours

Testimonials (3)