Data privacy in Luxembourg: GDPR and beyond

The General Data Protection Regulation (GDPR) is certainly the most significant personal data legislation in the past 20 years. To what extent are you prepared to pay a fine that might reach 4% of your organisation turnover?

Attend our training and get practical advice on how to set up a compliant programme within your organisation.

21 March 2024 (EN) - 1:30pm-5:30pm - On site

Price: 780.00 €

Duration: 4h

Language: Available in English and French

Number of participants: max. 20


By the end of this training, the participants will be able to:

  • explain the main principles of the regulations and their impacts; 
  • determine the steps to implement in order to ensure compliance; 
  • establish a GDPR compliance programme; 
  • review and analyse the current personal data protection programme taking into account the new requirements.


1. Regulatory framework for personal data processing

  • Regulatory context related to the processing of personal data and, in particular, the new principles (i.e. data minimisation, personal data protection by design, etc.) 
  • Processing conditions, and data subject rights, in particular, the new rights (i.e. portability, the right to be forgotten, etc.)
  • Personal data types, their locations as well as their retention period
  • Archiving rules and destruction of personal data

2. Communication of personal data

  • Personal data transfers to third parties 
  • Personal data transfers out of the EEA
  • Internal and external actors that are involved in personal data processing
  • Responsibility of the service provider

3. How to demonstrate accountability?

  • Maturity evaluation
  • Implementation of adequate rules 
  • Sustainable compliance

4. Implementation of the needed measures to ensure security and confidentiality of personal data

  • Legal obligation to protect personal data 
  • Specificities of the personal data management by third parties and risks related to cloud computing
  • Importance of impact studies and vulnerability studies

Target audience

  • Data protection officers
  • Chief information system officers
  • Compliance officers

Our lead experts

This training is coordinated by Frédéric Vonner, Partner at PwC Luxembourg.

From daily operations to regulatory compliance, Frédéric Vonner, Partner, has been helping local and global asset managers, fund service providers and banks for nearly 20 years to successfully run their businesses.

His areas of focus are: UCITS, AIFMD and GDPR regulations, private equity and real estate, organisation setup and review, project management.

Frédéric is also engaged in sustainability and sustainable finance matters, delivering assignments ranging from strategy and regulatory compliance to practical implementation. He is an experienced trainer and course designer /facilitator for soft skills and technical trainings.

Antonin Jakubse is a senior manager. Since joining PwC, Antonin developed an expertise on the General Data Protection Regulation ("GDPR") as well as in project management skills, delivering various types of projects ranging from gap analysis to implementation, ensuring a timely delivery of the project and a high level of engagement of all involved stakeholders. He is the solution driver for the privacy (incl. GDPR) topics, supporting the partner in charge to develop business relationships with existing and new clients.

Contact us

Contact details

PwC's Academy, Crystal Park Building, PwC Luxembourg

Tel: +352 49 48 48 4040

Follow us