A Marketer's Guide to the GDPR Regulations
Course Duration: Two Hours
Target Audience:
The course is offered to those who are responsible for ensuring that their organisation is compliant with data protection and privacy law. Course attendees are expected to have a basic understanding of the current data protection legal requirements under the Irish Data Protection Acts 1988 and 2003.
Course Background:
The General Data Protection Regulation (the “GDPR”) came into effect on 25 May 2018. The GDPR will be
directly effective in each EU member state, with the aim that the same rules will be applied uniformly within the EU. This marks a shift in the approach to data protection at a European level, which until 25 May 2018 will rely on national implementing legislation in each EU member state.
Course Objectives:
This one-day course will provide participants with essential insights into the main provisions of the GDPR, as well as guidance on what you can do to become compliant.
Benefit:
Avoid heavy fines and reputation loss, resulting from non-compliance; learn from our expert on how the
GDPR will affect your organisation.
Course Outline:
Introduction to GDPR
-
Review the core principals of the General Data
-
Protection Regulation (GDPR)
How the GDPR Affects the Marketing Function and its Key Definitions
-
What the new terms, such as personal data, sensitive data, consent, and profiling mean.
-
Who is affected by the Regulation and new responsibilities?
Changes for Marketers
-
What consent will now look like.
-
Will the “soft opt-in” for email survive? How “Legitimate Interests” can help. What profiling is covered?
-
The use of data will have to be much more transparent – So what do individuals need to be told and how?
Information Gathering Impacts
-
To legally process information, what will you need to obtain?
-
Can your current database cope with significant detail about consents and objections?
-
What are Privacy Impact Assessments and when will you have to undertake them?
Using Processors
-
Where does liability sit, if there is a breach?
-
What do you need to include in contracts to ensure that processors have protected themselves?
-
What if the Data Controller is outside of EU?
Individuals’ Rights
-
New right to be forgotten and to have data erased. How to honour objections and complex suppressions.
-
User experience and customer service implications.
-
Enhanced rights of access to personal data.
Getting Ready for the Regulation
-
What does the Regulation mean for your business? How to undertake a GDPR impact assessment?
-
Preparing an action plan for pre-implementation
Course Summary and Review
-
Recap of Topics Covered
-
Discussion and Question Time