The General Data Protection Regulation (GDPR) is certainly the most significant personal data legislation in the past 20 years.
- To what extent are you prepared to pay a fine that might reach 4% of your organisation turnover?
Attend our training and get practical advice on how to set up a compliant programme within the organisation.
Duration: 4h
Language: Available in English and French. The supporting material is only available in English.
Number of participants: up to 15
Available under intra-company course (i.e. dedicated session on demand)
Objectives
By the end of this training, participants will be able to:
- explain the main principles of the regulations and their impacts;
- determine the steps to implement in order to ensure compliance;
- establish a GDPR compliance programme;
- review and analyse the current personal data protection programme taking into account the new requirements.
Content
- Regulatory framework for personal data processing
- Regulatory context related to the processing of personal data and, in particular, the new principles (i.e. data minimisation, personal data protection by design, etc.)
- Processing conditions, and data subject rights, in particular, the new rights (i.e. portability, the right to be forgotten, etc.)
- Personal data types, their locations as well as their retention period
- Archiving rules and destruction of personal data
- Communication of personal data
- Personal data transfers to third parties
- Personal data transfers out of the EEA
- Internal and external actors that are involved in personal data processing
- Responsibility of the service provider
- How to demonstrate accountability
- Maturity evaluation
- Implementation of adequate rules
- Sustainable compliance
- Implementation of the needed measures to ensure security and confidentiality of personal data
- Legal obligation to protect personal data
- Specificities of the personal data management by third parties and risks related to cloud computing
- Importance of impact studies and vulnerability studies
Target audience
- Data protection officers
- Chief information system officers
- Compliance officers
Our lead experts
This training is coordinated by Frédéric Vonner, Partner, and Antonin Jakubse, Senior Manager at PwC Luxembourg.
From daily operations to regulatory compliance, Frédéric has been helping local and global asset managers, fund service providers and banks for more than 20 years to successfully run their businesses.
His areas of focus are: UCITS, AIFMD and GDPR regulations, private equity and real estate, organisation setup and review, project management.
Frédéric is also engaged in sustainability and sustainable finance matters, delivering assignments ranging from strategy and regulatory compliance to practical implementation. He is an experienced trainer and course designer /facilitator for soft skills and technical trainings.
Since joining PwC, Antonin developed an expertise on the General Data Protection Regulation ("GDPR") as well as in project management skills, delivering various types of projects ranging from gap analysis to implementation, ensuring a timely delivery of the project and a high level of engagement of all involved stakeholders. He is the solution driver for the privacy (incl. GDPR) topics, supporting the partner in charge to develop business relationships with existing and new clients.
