Interpretation and application of key GDPR terms; an indication of when the processing of personal data is illegal. Explanation of rights granted to individuals in the industry in which the training participants operate. Implementation of legal obligations incumbent on data controllers and data processors.
IT freelancers and software houses – why are they concerned by the GDPR also outside the territory of the EU.
Legal basis for the processing of personal data by the data controller. Documentation which should be adapted and lead to the proper processing of personal data.
New responsibilities for planning the internal structure of the data processing system.
Participants will find out who, why and how should ensure the creation and further coordination of preparations in their organization. Explanation of the purpose and content of the Register of Data Processing Activities, Impact Assessment for Personal Data and the role of the Data Protection Officer.
Register of Data Processing Activities, Register of Authorizations, Data Security Policy, consent form, request to cease / suspend / limit processing at the request of an individual, data processing agreements etc.
Legal and organizational risks related to entrusting the processing of personal data to third parties, with particular emphasis on outsourcing, external IT services and software.