Registration starts at 13:00
Why should you choose this course?
Data breach is now an all too frequent headline in the media, and with the advent of the GDPR, fear of huge fines from the regulator and the potential for negative publicity, GDPR compliance has never been more important.
Based on our experience we have identified certain common questions for technology businesses. This course provides you with distilled advice on these common areas, with the aim of reducing the risk of enforcement action and give you increased confidence when negotiating with your customers and other third parties in this area.
Who should attend?
This practical half day course is aimed at individuals in technology businesses, particularly for those who already have an understanding of the GDPR and who have responsibility for compliance within their organisation. In particular, it is aimed at businesses who are typically data processors when processing the personal data of their data controller customers, but who also collect personal data of their own (and for which they are data controllers) – especially for marketing purposes and in an HR context.
Why should you choose this course?
It is intended to be a focussed, interactive and applied session.
The session will cover the following topics:
Brief introduction – overview of common question areas facing technology businesses.
- The marketing minefield – we consider the complex overlap between the GDPR and the Privacy and Electronic Communications Regulations 2003 (PECR) and offer practical advice on ensuring that these two laws relating to marketing are simultaneously complied with. We consider buying marketing lists and B2B vs B2C marketing.
- Consent – we look at the circumstances in which it is appropriate, and not, to obtain the consent of individuals, and how this should be done. We also look at when it is appropriate to try and get refreshed consent.
- Retain or delete? – we offer some useful guidance on appropriate retention periods.
- HR specific issues – we look at some key areas in an HR context, for current, former and future employees.
- Appointing your own suppliers and subcontractors – we summarise the approach which should be taken in relation to appointing suppliers and subcontractors, including conducting due diligence, contract clauses and the position regarding liability.
- Using the cloud – we summarise the regulator’s position on this area.
- Overseas transfers – we summarise the GDPR in terms of easy to follow steps, to ensure that you have the information to select the most appropriate way of ensuring that a transfer is GDPR compliant.
- Breach notification – we break down the stages of breach reporting and look at the circumstances in which you do and do not need to report breaches.
- Assisting a customer – how far do I need to go? Many customers now expect their suppliers to assist with compliance, for instance in responding to subject access requests. We offer some sensible suggestions for limiting your obligations.
About the trainers
Andrew Rankin is a Legal Director and Chris Air an Associate Solicitor, at law firm DAC Beachcroft LLP. Both Andrew and Chris specialise in advising suppliers and customers on technology deals, Andrew and Chris both hold the BCS practitioner certificate in data protection and have experience of advising on a wide range of data protection related issues in the technology sector.
What is the cost of the course?
techUK Members- £295.00 + VAT
Non Members- £495.00 +VAT
If you are not sure whether your company is a member of techUK, click hereto check first to ensure you pay the correct price for the course you are booking. If you need further assistance, please do not hesitate to contact firstname.lastname@example.org.