• Data Protection Training

    for You and Your Employees

    Practice-oriented training by GDPR experts

    Crash Course:
    GDPR Basics

     

    The objective of this power training course is to provide the basics of GDPR. The following topics will be covered on the basis of practical examples:

    • Personal data in the GDPR context
    • Sensitive data in the GDPR context
    • GDPR information obligations
    • Role of the privacy policy
    • GDPR legal basis
    • GDPR records of processing activities
    • GDPR accountability
    • Rights of the data subject
    • Information security
    • GDPR-compliant deletion of personal data
    • Liability, penalties, internal "liability chain"

    GDPR Module:
    Sales and Purchasing

     

    The objective of this power training course is to show your employees how to deal with personal data in day-to-day business in accordance with the GDPR. The following topics will be covered on the basis of practical examples:

     

    • GDPR-compliant contract initiation and execution
    • GDPR-compliant handling of RFQs, offers and orders
    • Communication with existing business partners (phone, email, letter)
    • Use of apps for business purposes, e.g. WhatsApp, business card scanner
    • Sharing of personal data between business partners, e.g. customer-supplier
    • GDPR-compliant invitation to marketing events such as trade fairs, supplier days, TechDays,...
    • GDPR-compliant handling of business cards
    • Acquisition - Correlation of GDPR and competition law
    • Communication with prospects
    • Requirements for warming up "cold" contacts
    • Communication with contacts from professional networks such as XING or LinkedIn
    • Acquisition via professional networks, e.g. XING, LinkedIn
    • Purchase of contact details, e.g. from Deutsche Post
    • Deletion of contacts

    GDPR Module:
    Marketing

     

    The objective of this power training is to show the possibilities of GDPR-compliant marketing measures. The following topics will be covered on the basis of practical examples:

     

    • GDPR-compliant design of websites
    • Use of cookies and third-party apps
    • GDPR-compliant design privacy policies in the context of your marketing activities
    • Information duties & consents for your online presence

    GDPR-compliant use of service providers:

    • Data processing agreements with third parties
    • Information security, respectively technical-organizational measures of your data processors
    • Newsletter marketing, e.g. Mailchimp
    • Social Media (Facebok, Twitter, Instagram,...)

    Offline marketing:

    • Events, e.g. invitations to trade fairs or supplier days
    • Dealing with trade fair contacts
    • Dealing with participant lists of events, conferences,...
    • Acquisition - Correlation of GDPR and competition law

    GDPR Module:
    IT

     

    The objective of this power training course is to sensitize your employees from the IT environment to the DSGVO-compliant operation of IT solutions and landscapes:

     

    • Interrelationship of GDPR record of processing and IT architecture
    • GDPR-compliant design of the privacy policy in the context of your IT architecture
    • GDPR data protection impact assessment
    • Scenarios for the implementation of rights of the data subject in heterogeneous IT landscapes
    • GDPR-compliant deletion of personal data

    GDPR-compliant use of service providers:

    • DPAs with software manufacturers
    • DPAs with consulting companies
    • Information security or technical and organizational measures
    • Importance of certifications, e.g. ISO 27001
    • Use of apps, e.g. WhatsApp, business card scanner

    GDPR-compliant integration of

    • Email services, e.g. Office 365, Gmail
    • CRM solutions, e.g. salesforce, Microsoft CRM 365
    • Marketing solutions, e.g. Mailchimp

    GDPR Module:
    Digital Business Models 1

     

    In all digital B2B and B2C business models, personal data is processed, such as IoT, eMobility, Artificial Intelligence or SaaS. Digital business models that have not been designed to comply with the GDPR from the start have no chance of survival. Based on practical examples, the following topics are covered in this power training course:

     

    Contract architecture:

    • No rights to data - no digital business model
    • Requirements for the monetization of data within scope of digital business models
    • Overview of GDPR-relevant contracts for digital business models
    • Excursus: General Terms and Conditions, Terms of Use and Service Agreement
    • Compliance with GDPR information requirements
    • Purposes of processing and legal basis
    • GDPR-compliant design of the privacy policy in the context of your business model
    • Design of DPA (Data Processing Agreement) with customers
    • Design of DPA (Data Processing Agreement) with service providers
    • Contractual design of the technical and organizational measures
    • Importance of certifications, e.g. ISO 27001
    • Anonymisation/pseudonymisation from a legal point of view
    • Deletion of data


    Legal advice:

    • Without legal advice - no digital business model?
    • Avoidance of mistakes in the selection of the law firm
    • Avoidance of misunderstandings in the context of communication between business managers and lawyers
    • Examples of financial impacts on digital business models due to lack of legal advice

    GDPR Module:
    Digital Business Models 2

     

    The objective of this power training course is the GDPR-compliant design of the operation of digital business models. The following topics will be dealt with using practical examples:

    • Planning of a GDPR-compliant architecture
    • Information security
    • Requirements for international data transfer (third country)
    • GDOR-compliant code management (version control)
    • GDPR-compliant customer registration, onboarding, customer success management and helpdesk
    • User and rights management in the GDPR context
    • GDPR-compliant technical monitoring (operation)
    • GDPR-compliant (further) development of services
    • GDPR-compliant deletion of personal data as processor
    • GDPR-compliant handling of backups

    Use of service providers:

    • GDPR criteria for the selection of service providers
    • Data processing agreements (DPAs) with third parties
    • Information security, incl. technical and organizational measures

    DSGVO-compliant integration of

    • Hosting providers, such as AWS, MS Azure, Alibaba Cloud
    • Billing & payment providers, such as stripe, Paypal, Chargebee
    • Transactional email providers, such as Amazon SES, mailjet
    • Customer support providers, e.g. zendesk, intercom, aircall
    • Newsletter providers, e.g. Mailchimp
    • Code management, e.g. github, Bitbucket
  • Price List

    GDPR Training

    for your Employees

     

    500.- EUR

    per training participant - excl. VAT

     

     

    • DSGVO crash course "Basics"
      + one DSGVO module "Department"
    • Training duration: 1 day
    • Training location: Your company
    • Minim. number of participants: 10
    • plus travel expenses
     

    GDPR Training

    Digital Business Model

     

    1,000.- EUR

    per training participant - excl. VAT

     

     

    • DSGVO crash course "Basics"
      + one DSGVO module "Digital Business Model"
    • Training duration: 1 day
    • Training location: Your company
    • Minim. number of participants: 5
    • plus travel expenses