
Discuss article one’s subject matter and objectives of the GDPR, including protection of natural persons’ data, fundamental rights, and the free movement of data within the European Union.
Understand GDPR's territorial scope, article 3: it applies when an organization has EU establishment, offers goods or services to EU residents, monitors EU users, or falls under member state law.
Remember seven principles of GDPR by the abbreviation lamy, focusing on lawfulness fairness and transparency, purpose limitation, storage limitation, accuracy, accountability, minimization, and integrity and confidentiality.
Learn article five of GDPR and the seven principles for processing personal data, including lawfulness, fairness, and transparency, data minimization, accuracy, storage limitation, data integrity and confidentiality, and accountability.
outline article seven of the gdpr, detailing four subclauses: demonstrate consent, clear and plain language, right to withdraw, and no coercion, with withdrawal as easy as consent.
Explore how Article 11 allows processing personal data without identifying the subject, where the purpose determines identification; learn when additional information triggers normal GDPR rules.
Explain article 16 rights: data subjects can rectify inaccurate data or complete missing records, with the controller fixing data promptly and considering processing purposes.
Explain Article 17’s right to erasure, including when deletion is required, comprehensive deletion, exceptions, and informing other recipients of the erasure request.
Explore data protection by design and by default under article 25, applying state-of-the-art measures, understanding the nature, scope, context, and purposes of processing, and using pseudonymisation and data minimization.
explains article 35 data protection impact assessment requirements, including when to conduct DPIAs, the role of the data protection officer, mandatory processing scenarios, and DPIA content.
outline article 39 tasks for the data protection officer, including informing and advising controllers and processors, monitoring compliance, staff training and audits, cooperating with authorities, and considering processing risks.
Explore the data protection officer’s GDPR responsibilities under article 39, including informing and advising controllers or processors, monitoring compliance, audits, and cooperation with supervisory authority. Assess risk under article 39.2.
Under article 83, the supervisory authority decides if and how much to fine, weighing nature, gravity, duration, data subjects affected, damage, intent, mitigation, cooperation, and prior infringements.
Welcome to "GDPR - The Simplified Version" Course!
Unlock the mysteries of GDPR without drowning in legalese! Our course breaks down the General Data Protection Regulation into digestible, practical insights. No need for a law degree—just an eagerness to understand and implement data protection.
Course Highlights:
Simplified Learning: We've distilled GDPR into plain language, focusing on what you need to know without overwhelming you with jargon.
Practical Examples: Learn through real-life scenarios. We believe in hands-on learning—understand the regulation by applying it to practical situations.
MCQ based learning: We have designed MCQs for each lecture to enhance your learning experience.
GDPR - The Simplified Version" Course includes following most important articles of the GDPR:
Article 1: "Subject Matter and Objectives"
Article 2: "Material Scope"
Article 3: "Territorial Scope"
Article 5: "Principles relating to processing of personal data"
Article 7: "Conditions for consent"
Article 8: "Conditions applicable to child's consent in relation to information society services"
Article 9: "Processing of special categories of personal data"
Article 10: "Processing of personal data relating to criminal convictions and offences"
Article 11: "Processing which does not require identification"
Article 13: "Information to be provided where personal data are collected from the data subject"
Article 14: "Information to be provided where personal data have not been obtained from the data subject"
Article 15: "Right of access by the data subject"
Article 16: "Right to rectification"
Article 17: "Right to erasure ('right to be forgotten')"
Article 18: "Right to restriction of processing"
Article 19: "Notification obligation regarding rectification or erasure of personal data or restriction of processing"
Article 20: "Right to data portability"
Article 21: "Right to object"
Article 22: "Automated individual decision-making, including profiling"
Article 23: "Restrictions"
Article 24: "Responsibility of the controller"
Article 25: "Data protection by design and by default"
Article 26: "Joint controllers"
Article 28: "Processor"
Article 29: "Processing under the authority of the controller or processor"
Article 30: "Records of processing activities"
Article 32: "Security of processing"
Article 33: "Notification of a personal data breach to the supervisory authority"
Article 34: "Communication of a personal data breach to the data subject"
Article 35: "Data protection impact assessment"
Article 36: "Prior consultation"
Article 37: "Designation of the data protection officer"
Article 38: "Position of the data protection officer"
Article 39: "Tasks of the data protection officer"
Article 44: "General principle for transfers"
Article 82: "Right to compensation and liability"
Article 83: "General conditions for imposing administrative fines"