
In this lecture you will learn if this program is fit for you.
One paragraph of description.
Determine if GDPR applies to your business, define data subject, controller, and processor, and learn about personal data, transfers, retention, and special categories.
Explore the double opt-in controversy, comparing single opt-in with a confirmation email to improve deliverability and reduce trolls, while noting capture as an alternative and privacy policy implications.
Learn to handle browser cookies by adding a clear privacy policy mention of cookie use, linked on every page, and note legitimate interest for third-party data sharing.
Identify and limit third-party access by treating partners as data processors under GDPR, review user accounts and cloud storage permissions, and tighten access to prevent breaches.
Assess your processors under GDPR and verify privacy policies to protect data and business continuity. Develop exit plans, address subject access requests, and schedule regular policy reviews for top-risk providers.
"Minimal IT security and GDPR" helps small companies, coaches and online entrepreneurs to adhere to the European General Data Protection Regulation. This is mandatory for any company processing personal data of any European citizen. Following this course, you will be doing this with as little fuss as possible, while also improving your IT security. Step by step guide, with templates to fill in. You will have your privacy policy in no time, and you will have set up your basic IT security!
Following the steps, you can actually have a minimal security and privacy policy in one day. Then you will progress your policy and your security in a step by step way, working on small things that matter.
After the first section you already have a 0.1 version of your policy in place. The second section dives a little deeper in what privacy regulations really are all about, focussing more on the intent than on the nitty gritty details. If you are a small company, intent to improve is often more important than overdoing it on procedure. The third section helps you uncover and understand what the data is that you should first care about. Section four gives you some basic essential tech skills that I am sorry to say, you do really need if your company is handling data (even if it is just names and addresses of customers). Finally section five talks about policy and procedure. Down to earth that simply means you should be following some rules and writing them down. It is not really much more complicated than agreeing with friends on how you would take a vacation together.