Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Core Principles of Personal Data Processing
- Sources of national and international law.
- The scope of application of personal data protection laws.
- The jurisdiction and powers of data protection authorities.
- Judicial remedies for the right to personal data protection.
- GDPR - essential information and definitions - key issues.
- Sector-specific GDPR provisions.
- Definition of personal data.
- Processing of personal data.
- Legal grounds for processing personal data.
- Responsibilities of the Data Controller.
- Rights of data subjects.
- Administrative fines.
- Personal Data Protection Act of 10 May 2018 – scope of regulations.
- Appointment of a Data Protection Officer.
- Proceedings for infringement of personal data protection laws.
- Monitoring compliance with personal data protection regulations.
- Civil, criminal, and administrative liability.
- Conditions for the admissibility of processing personal data (standard and sensitive data).
- Legal requirements for entrusting the processing of personal data to third parties.
- Data Protection Impact Assessment.
- Data protection by design and by default.
- Legal bases for transferring personal data to a third country.
- Protection of personal data in employment contexts.
Appointment of a Data Protection Officer
- Mandatory appointment of a Data Protection Officer.
- Optional appointment of an internal auditor.
Eligibility for the Data Protection Officer Role
- Qualifications required to act as an auditor.
- Employment structure for the auditor.
Status and Independence of the Data Protection Officer
- Direct reporting lines of the auditor to top management.
- Ensuring adequate resources and support for the auditor.
- Auditor participation in all matters related to personal data protection.
- Prohibition of giving instructions to the auditor regarding how duties are performed.
- Avoiding conflicts of interest within the organization – auditor tasks.
- Prohibition of dismissal or punitive measures against the auditor.
- The auditor's obligation to maintain confidentiality of their tasks.
Information Security Management
- Discussion of the organizational security management system based on Polish and other relevant standards.
- Identification of privacy risks and their legal implications.
- Principles of risk assessment and evaluating the impact of specific solutions on safety management effectiveness.
- Understanding and applying a risk-based approach – practical completion of the Risk Analysis template.
- Personal Data Lifecycle Management.
Executing the Tasks of the Data Protection Officer (DPO)
- Legal basis for the appointment of the DPO.
- Who must appoint a DPO, when, and the procedure for appointment.
- DPO status and required qualifications.
- DPO tasks and rules for planning their execution.
- Conducting reports on the compliance of data processing with personal data protection provisions in traditional and IT systems.
- Documenting activities carried out by the DPO.
- Preparation of inspection reports.
- Rules for supervising the documentation of personal data processing.
- Scope of UODO's powers regarding DPOs.
Practical Information on Inspections by the Office for Personal Data Protection
- Requirements imposed on auditees.
- Preparation strategies for inspections.
- Case study analysis.
Hands-on Activities
- Development of an exemplary Information Security Policy.
- Drafting management instructions.
- Development of a Register of Processing Activities.
- Preparation of comprehensive personal data protection documentation.
- Case study analysis.
- Common errors in documentation preparation.
Additional Course Materials:
Useful Forms and Templates:
- Consent to the use and dissemination of images.
- Event newsletter subscription consent.
- Consent to receive a commercial offer.
- Template for sending offer emails.
- Template for sending general emails.
- Example of a personal data protection policy.
- Template for preparing the information obligation under GDPR, including instructions.
- Risk analysis template.
- Register of personal data processing activities – template.
- Register of categories of processing activities – template.
- GDPR Breach Register – Template.
- GDPR Compliance Checklist Template.
- Instructions for handling personal data protection breaches.
- Data Protection Breach Report Template.
- Register of security incidents and corrective/preventive actions.
- Register of corrections (corrigenda).
- Register of data restorations.
- Model corrigendum.
- Data restoration pattern.
- Model objection form.
- Model contract excluding further processing of personal data.
- Sample consents for competitions, marketing, and publications.
- Information obligation for ferry crossings.
- Information obligation for meeting monitoring.
- Information obligation regarding recruitment.
- Information obligation for the National Revenue Administration.
- Information obligation for the LES.
- Public Procurement Law (UCoC) information obligation.
- Information obligation: Labour Code.
- Tax information obligation.
- Authorization to process personal data for employees: template with example.
- Notification of a breach to data subjects – template.
- Personal Data Processing Agreement for the Controller – template.
- Personal Data Processing Agreement for the Processor.
- And many more resources.
Requirements
Target Audience
- Individuals commencing their role as a Data Protection Officer.
- Individuals who are slated for appointment to this position in the near future.
21 Hours
Custom Corporate Training
Training solutions designed exclusively for businesses.
- Customized Content: We adapt the syllabus and practical exercises to the real goals and needs of your project.
- Flexible Schedule: Dates and times adapted to your team's agenda.
- Format: Online (live), In-company (at your offices), or Hybrid.
Price per private group, online live training, starting from 4800 € + VAT*
Contact us for an exact quote and to hear our latest promotions
Testimonials (1)
The variety of the information shared and the clarity to explain terms in plain English.