Data Protection Foundation training and exam

Intra-company training

Who is the training for?

This course benefits anyone who is involved in (or responsible for) collecting, editing or managing personal data in a professional context. This is an entry level training. If you’re looking for an advanced training to manage, lead and implement privacy and data protection in your organisation, have a look at our DPO training, the Data Protection Practitioner.

Level reached

Advanced

Duration

2,00 day(s)

Language(s) of service

EN

Goals

Data Protection Foundation (DPF) offers a comprehensive course for individuals that need to understand their rights and responsibilities under privacy laws and regulations and the General Data Protection Regulation (GDPR) in particular. It offers you an overview of the obligations of your organisation and of the rights of those from whom you’re collecting personal data. You will gain a thorough understanding of the EU’s GDPR, interpreting its terminology and provisions supported with practical examples and scenarios. At the end of the course, you will have a clear picture of rights and obligations under the GDPR and you will be able to translate the law to your daily life and work.

This training includes:

  • 2 days of training;
  • official course materials from SECO-Institute;
  • SECO-Institute book: understanding the GDPR;
  • access to SECO-Institute’s student portal with exam syllabus, practice exam questions and useful references;
  • exam voucher;
  • practice exam.

By the end of the program you will be able to:

  • understand the GDPR, your rights and obligations through real-world examples and fictive scenarios that will enable you to apply them in your daily work.
  • historical and legal context of European privacy and data protection legislation and the GDPR, essential terms and concepts employed.
  • GDPR’s material and territorial scope: information and activities that the GDPR applies to, and in what situations the GDPR applies within and outside the EU/EEA.
  • main provisions and their consequences for individuals and businesses: GDPR’s 7 key processing principles, restrictions on the processing of personal data and the obligations of controllers and processors.
  • how compliance with the GDPR can be demonstrated to the supervisory authority and what are the consequences of non-compliance? Where to find additional information about specific provisions?

Contents

Module 1. Historical and legal context

History of the right to privacy and the right to data protection
Legal instruments of the Council of Europe and the European Union (treaty, directive, regulation…)
Most important changes under the GDPR
EU data protection laws in specific sectors

Module 2. The house of data protection

The foundation of your House: terms and scope

Pillar 1: processing principles
Pillar 2: restrictions
Pillar 3: obligations
Pillar 4: communication
The roof of your house: accountability

Module 3. Introduction to BS 10012

Module 3 offers a brief overview of the structure of BS 10012, a best practice framework for a personal information management system that is aligned with the principles of the GDPR.

Module 4. Summary

Bringing it all together
Key takeaways and next steps
Exam preparation

Additional information

This training will be coordinated by Koen Maris, Partner and Simon Petitjean, Director at PwC Luxembourg.

Koen, Partner, leads the Cyber Security practice with more than 20 years of experience in information/cyber security in cross industry environments.
Koen is specialised in Secure Operations Centers, incident response and awareness raising at all levels of an organisation. He has experience with Distributed Ledger Technology, IoT, OT/IT security, threat intelligence and forensics.
Koen has a strong technical background and operational experience in cyber security as well as strong competencies in security architecture, solution design, programme management, business development.

Simon is a cybersecurity director specialised in ethical hacking. He worked on multiple cybersecurity projects in various industries and environments (banking sector, governmental agencies, European institutions, industrial companies). As a technical specialist, he fully takes part in the activities undertaken by the Ethical Hacking team, including penetration tests, vulnerability assessments, and on-demand hacking scenarios.
Simon also works as a subject matter expert on incident response assignments and digital forensics investigations. He is a sworn judicial expert in the field of cybersecurity, cybercrime and digital investigation, appointed by the Luxembourg Ministry of Justice.

These courses might interest you

EN
Day
Law - Private law - Intellectual property law - Data protection law - General Data Protection Regulation