DSGVO (GDPR) Fundamentals for Businesses

Target Group:
This seminar is aimed at professionals, managers, and data protection officers within companies who wish to develop a fundamental understanding of the General Data Protection Regulation (DSGVO / GDPR). It is particularly suitable for beginners, but also for individuals who want to deepen their knowledge of how to implement the DSGVO/GDPR in practice.


Module 1: Introduction to the DSGVO/GDPR – Basics

  • What is the DSGVO/GDPR?
    An overview of the General Data Protection Regulation and its importance for businesses and individuals, both within the EU and globally.

  • Goals and Principles of the DSGVO/GDPR
    The protection of privacy and the rights of data subjects, as well as fostering a harmonized data protection framework across the EU.

  • Key Terms of the DSGVO/GDPR
    Definitions of essential terms such as "personal data," "processing," "data subject," "controller," and "processor."

  • The History of the DSGVO/GDPR
    The evolution of European data protection law and the driving forces behind the introduction of the DSGVO.


Module 2: Rights of Data Subjects

  • Right to Access
    How data subjects can request information about the processing of their personal data.

  • Right to Rectification and Erasure
    When and how data subjects can have their data corrected or deleted under the DSGVO.

  • Right to Data Portability
    How personal data can be transferred from one system to another in a structured and accessible format.

  • Right to Object
    How and when data subjects can object to data processing activities.

  • Right to Restrict Processing
    How data subjects can limit the scope or processing of their data under certain conditions.


Module 3: Responsibilities of Controllers and Processors

  • Controller and Processor
    Who is responsible for ensuring compliance with the DSGVO/GDPR? Understanding the roles of the controller and processor.

  • Record of Processing Activities
    How to maintain a record of all data processing activities, and the essential information that must be documented.

  • Data Protection Impact Assessment (DPIA)
    When is a DPIA necessary, and how should it be conducted to assess the impact on data subjects' privacy?

  • Data Processing Agreements (DPA)
    What must be included in contracts between controllers and processors to ensure DSGVO compliance?


Module 4: Data Protection Organization within the Company

  • Data Protection Officer (DPO)
    When and why businesses need to appoint a Data Protection Officer (DPO) to oversee DSGVO compliance.

  • Creating a Data Protection Policy
    How businesses can develop, implement, and maintain a comprehensive data protection policy aligned with the DSGVO.

  • Employee Training and Awareness
    The importance of employee education on data protection and privacy to ensure a culture of compliance.

  • Documentation Obligations
    The types of documentation required to demonstrate DSGVO compliance in the event of an audit or investigation.


Module 5: Data Protection in Data Processing

  • Processing Personal Data
    Which data can be processed under the DSGVO and what specific security measures must be in place to safeguard personal data?

  • Consent for Data Processing
    How to ensure valid, informed consent is obtained from data subjects for processing their personal data.

  • Automated Decision-Making and Profiling
    The implications of automated decisions and profiling under the DSGVO, and how companies should handle them in accordance with the regulation.


Module 6: Technical and Organizational Measures (TOM)

  • Security Requirements under the DSGVO/GDPR
    What technical and organizational measures businesses need to take to protect personal data, including encryption, anonymization, and data minimization.

  • Encryption and Pseudonymization
    The importance of data encryption and pseudonymization as security measures, and how to implement them.

  • Data Backup and Recovery
    How to ensure the integrity and availability of personal data, with an emphasis on creating reliable data backup and disaster recovery plans.


Module 7: Data Breaches and Reporting Obligations

  • What is a Data Breach?
    Understanding the various types of data breaches and their potential impact on data subjects and organizations.

  • Reporting Obligations for Data Breaches
    How and when data breaches must be reported to supervisory authorities and affected individuals as per DSGVO requirements.

  • Incident Documentation
    How to document incidents of data breaches effectively and take the necessary corrective measures to prevent future occurrences.


Module 8: Data Protection in an International Context

  • Data Transfers to Third Countries
    The rules that apply to transfers of personal data outside the EU/EEA, and how to ensure that such transfers comply with the DSGVO.

  • Standard Contractual Clauses and Privacy Shield
    How businesses can secure international data transfers using legal mechanisms such as standard contractual clauses or the EU-U.S. Privacy Shield (if applicable).

  • Role of Supervisory Authorities
    Understanding the responsibilities and powers of national and European data protection authorities in enforcing DSGVO compliance.


Module 9: Liability and Sanctions

  • Fines and Penalties
    The sanctions businesses can face if they fail to comply with the DSGVO, including potential fines, penalties, and reputational damage.

  • Liability for Data Protection Violations
    Who is liable in the event of a data protection breach under the DSGVO? This includes controllers, processors, and possibly third parties.

  • Limitation and Compensation Claims
    What are the timeframes for enforcement, and how can individuals seek compensation for GDPR violations?


Module 10: Practical Examples and Case Studies

  • Successful DSGVO Implementations
    Examples of businesses that have successfully implemented DSGVO-compliant processes and frameworks.

  • Common Pitfalls and Challenges
    Real-world analysis of common DSGVO violations and how to avoid them.

  • Current Developments and Outlook
    Updates on the latest developments in data protection law, including potential amendments to the DSGVO, and their impact on businesses.


Training Formats:

  • In-Person Training: Intensive on-site workshop with expert lectures, practical exercises, and interactive discussions.
  • Online Course: Flexible, interactive learning via live webinars, recorded sessions, and practical modules.
  • In-House Training: Custom-tailored training for your company, focusing on your specific data protection needs and challenges.

Duration:

  • 1 Day: Compact introduction to the DSGVO/GDPR and its core principles.
  • 3 Days: In-depth DSGVO/GDPR knowledge with practical applications, case studies, and hands-on activities.
  • 5 Days: Comprehensive training with interactive workshops, deep dives into GDPR-related topics, and scenario-based simulations.

Methods:

  • Theoretical insights from DSGVO/GDPR experts.
  • Practical workshops and exercises.
  • Group work, interactive discussions, and case studies.
  • Simulations of data breaches and crisis response scenarios.

Your Benefits:

  • In-depth understanding of the DSGVO/GDPR and its implementation within your organization.
  • Practical tools for ensuring GDPR compliance across departments and business processes.
  • Knowledge of GDPR rights, obligations, and penalties for both controllers and processors.
  • Best practices for data protection governance and how to avoid common compliance issues.

Costs:

The seminar costs vary depending on the format and scope. Please contact us for a tailored offer.


Registration:

Sign up now to ensure that your company is DSGVO/GDPR-compliant and well-prepared for any data protection challenges!

