
    Data Privacy Trainings

    GDPR Training
    Basics

     

    The objective of this training is to train your employees in the GDPR basics. The following topics will be covered on the basis of practical examples:

    • Personal data in the GDPR context
    • Sensitive data in the GDPR context
    • GDPR information obligations
    • Role of the privacy policy
    • GDPR legal basis
    • GDPR records of processing
    • GDPR obligations and accountability
    • Rights of the data subject
    • Information security
    • Deletion of personal data
    • Liability

    GDPR Training
    Sales and Purchasing

     

    The objective of this training is to teach the GDPR-compliant handling of personal data in the day-to-day business of sales and purchasing. The following topics will be covered on the basis of practical examples:

     

    • GDPR-compliant contract initiation and execution
    • Communication with existing business partners 
    • Use of apps for business purposes, such as WhatsApp
    • Sharing of personal data between business partners, e.g. customer-supplier
    • GDPR-compliant invitation to marketing events
    • GDPR-compliant handling of business cards
    • GDPR-compliant acquisition, including prerequisites for warming up "cold" contacts
    • Communication with contacts from professional networks such as XING or LinkedIn
    • Purchase of contact details, e.g. from Deutsche Post
    • Obligation to delete contact data

    GDPR Training
    Website

     

    The objective of this training is to show possibilities of GDPR-compliant marketing measures. The following topics will be covered on the basis of practical examples:

     

    • GDPR-compliant design of websites
    • Use of cookies and third-party apps
    • GDPR-compliant design of the data protection declaration in the context of your marketing activities
    • Information duties & consents for your online presence


    GDPR-compliant use of service providers:

    • Data processing agreements with third-party providers
    • Information security and the technical and organizational measures of your data processors
    • Newsletter marketing, e.g. Mailchimp
    • Social media (Facebook, Twitter, Instagram, ...)


    Offline marketing:

    • Events, e.g. invitations to trade fairs or supplier days
    • Dealing with new contacts
    • Dealing with participant lists of events, conferences, ...
    • Acquisition - GDPR and competition law in context

    GDPR Training
    for IT department

     

    The objective of this training is to teach the GDPR-compliant operation of IT solutions and landscapes:

     

    • Dependencies between records of processing and IT architecture
    • GDPR-compliant design of privacy policies in the context of your IT architecture
    • GDPR data protection impact assessment
    • Scenarios for the implementation of the data subject in heterogeneous IT landscapes
    • GDPR-compliant deletion of personal data
    • Dealing with backups
     

    GDPR-compliant use of service providers:

    • Data processing agreements with software manufacturers and consulting companies
    • Information security & TOMs
    • Importance of certifications, e.g. ISO 27001
    • Use of apps, e.g. WhatsApp, business card scanner
     

    GDPR-compliant integration of

    • Email services, e.g. Office 365, Gmail
    • CRM solutions, e.g. salesforce, Microsoft CRM 365
    • Marketing solutions, e.g. Mailchimp

    GDPR Training
    Digital Business Models 1

     

    Personal data is processed in all digital B2B and B2C business models, such as IoT, eMobility, Artificial Intelligence or SaaS. Based on practical examples, the following topics will be covered in this course:

     

    Contract architecture:

    • No data rights - no digital business model
    • Requirements for the monetization of data in the context of digital business models
    • Overview of GDPR-relevant contracts for digital business models
    • Excursus: General Terms and Conditions, Terms of Use and Service Agreement
    • GDPR information obligations
    • Purposes of processing and legal basis
    • GDPR-compliant design of privacy policies in the context of your business model
    • Drafting of the data processing agreement with customers and service providers
    • Contractual design of the technical and organizational measures
    • Importance of certifications, e.g. ISO 27001
    • Anonymisation/pseudonymisation from a legal point of view
    • Deletion of data

    Legal advice:

    • Avoidance of errors in the selection of your law firm
    • Avoidance of misunderstandings in the context of communication between business managers, lawyers and data protection officers
    • Examples of financial impacts on digital business models due to lack of legal advice

    GDPR Training

    Digital Business Models 2

     

    The objective of this training is the GDPR-compliant design of digital business models. The following topics will be discussed using practical examples:

     

    • Planning a GDPR-compliant IT architecture
    • Information security
    • Requirements for international data transfer (third country)
    • GDPR-compliant code management
    • GDPR-compliant customer registration, onboarding, customer success management and help desk
    • User and rights management in the GDPR context
    • GDPR-compliant technical monitoring (operation)
    • GDPR-compliant (further) development of services
    • GDPR-compliant deletion of personal data
    • GDPR-compliant handling of backups

    Use of service providers:

     

    • GDPR criteria for the selection of service providers
    • GDPR data processing agreement with third parties
    • Information security and technical and organizational measures (TOMs)

    GDPR-compliant integration of

    • Hosting providers, such as AWS, MS Azure, Alibaba Cloud
    • Billing & payment providers, such as stripe, Paypal, Chargebee
    • Transactional email providers, such as Amazon SES, mailjet
    • Customer support providers, e.g. zendesk, intercom, aircall
    • Newsletter providers, e.g. Mailchimp
    • Code management, e.g. github, Bitbucket