GDPR (General Data Protection Regulation) Course

GDPR (General Data Protection Regulation) Course
The rapid technological development and globalization have brought new challenges for the protection of personal data. The scale of the collection and sharing of personal data has increased significantly.

Technology allows both private companies and public authorities to make use of personal data on an unprecedented scale in order to pursue their activities. Individuals increasingly leave personal information that is publicly available on a global scale. The technology has transformed both economic and social life.

These developments require a strong and more coherent data protection framework in the European Union backed by strong law enforcement, given the importance of creating the trust that will allow the digital economy to develop across the internal market. With this regard, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) was adopted, which will apply from May 25, 2018. This regulation requires a comprehensive redesign of ICT security strategies in the organizations.

If a controller or processor intentionally or negligently infringes several provisions of the Regulation or fails to comply with a supervisor’s order, shall be subject to administrative fines up to 20 000 000 EUR, or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher.

Guiding Principles of the Training:

  •  Application of a learning-oriented approach – practical tasks, case studies, role-playing games, discussion and acquaintance with good practices;
  • Supported with quality teaching materials – presentations, visual materials, sample models, useful extracts from the legislation, etc. .;
  • Ensuring the quality of training at European level – lecturers with long experience in the public and private sectors, working on European projects and with European experts and institutions.


The purpose of the General Data Protection Regulation (GDPR) course is to train the trainees to acquire regulatory knowledge and practical skills for their application in their everyday work of processing personal data, communicating with supervisors and supervisors, creating content, security and solving problems.

Curriculum Program General Data Protection Regulation (GDPR) course:


  • Module Legal Aspects of the GDPR;
  • Module Technical Aspects of the GDPR;
  • Module Organizational Aspects of the GDPR.


The Module Legal Aspects of the GDPR deal with: the structure and content of the Regulation; new points in EU data protection law; expected changes in Bulgarian legislation; processing of special categories of personal data; codes of conduct; binding corporate rules; tendencies, delegated acts and implementing acts; cases of cross-border relevance, etc.


The Module Technical Aspects of the GDPR are considered: the new EU data protection strategy; state-of-the-art advanced data protection technologies; expected technical difficulties in implementing the GDPR; determination of the means of processing; Risk Assessment; assessment of the effectiveness of technical measures; assessment prior to the commencement of processing operations; mechanisms for demonstrating compliance with the regulation, etc.


The Module Organizational Aspects of the GDPR include: defining the nature, scope, context and purposes of the processing; Data protection impact assessment; determining responsibility for fulfilling the obligations under the Regulation; arrangements, roles and relationships of joint controllers – advantages and disadvantages; creating and maintaining records of processing activities; implementation costs; making decisions based on risk assessment of different probability; expectations of data subjects; evaluation of the effectiveness of organizational measures, data security on supply and distribution chains, etc.


The course is designed for managers, programmers, system administrators, information security officers, lawyers, controller, personal data processors, HR, PR, customer service, government or local self-government, and everyone who is interested in data protection.


A document is issued to those who have passed the training – certificate.


Duration of the course: 14 hours.


The training is delivered in attendance sessions in Bulgarian language.


The classes are held in the Teza Training Center at: Sofia, Mladost 1, bl. 54A , Bulgaria


Morning: 4 days a week, 3,5 hours a day


Optimal number of participants in a group: 12


At the request of corporate clients and public entities, TEZA Ltd. can develop and deliver training on specific additional modules tailored to the needs of the client. For further information and quote, please contact our employee at 02 9 691 598.