Introduces key European data protection laws and regulatory bodies, describing the evolution toward a harmonized legislative framework.
Defines and differentiates between types of data, including personal, anonymous, pseudo-anonymous and special categories.
Describes the roles and relationships of controllers and processors.
Defines data processing and GDPR processing principles, explains the application of the GDPR and outlines the legitimate bases for processing personal data.
Explains controller obligations for providing information about data processing activities to data subjects and supervisory authorities.
Describes data subjects’ rights, applications of rights and controller and processor obligations.
Discusses considerations and duties of controllers and processors for ensuring security of personal data and providing notification of data breaches.
Investigates accountability requirements, including data protection management systems, data protection impact assessments, privacy policies and the role of the data protection officer.
Outlines options and obligations for transferring data outside the European Economic Area, including adequacy decisions and appropriate safeguards and derogations.
Describes the role, powers and procedures of supervisory authorities; the composition and tasks of the European Data Protection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for non-compliance.
Discusses the applications of European data protection law, legal bases and compliance requirements for processing personal data in practice, including employers processing employee data, surveillance, direct marketing, Internet technology and communications and outsourcing.