GDP101 – GDPR for Developers

Learn about our course, GDPR for Developers.

Course Learning Objectives

Learn about the background of GDPR and define the stages of the data life cycle. Find out how to collect personal data lawfully and give users access to that data.

Discover how to keep collected data accurate, how to avoid profiling, and how to transfer personal data. Explore techniques for storing and removing personal data, and documenting activities performed on that data.

Description

We know that developers would rather spend their time coding than worrying about if their application is compliant with the General Data Protection Regulation (GDPR).

We created this course to focus on development and to be practical for developers so they can get the essentials of meeting GDPR requirements without learning everything about them. Who has time for that?

Audience Time Required
Software Developers
Software Architects

Tailored learning – 45 minutes total

Course Outline

1. Introduction to GDPR

  • About GDPR
  • What is GDPR made up from?
  • Article GDPR impact
  • Article Facebook
  • Smartwatch example
  • GDPR key terms
  • Privacy by design
  • Confidentiality, Integrity and Availability (CIA)
  • Stages of the data lifecycle

2. Data acquisition and collection

  • About consent
  • Legal basis
  • Consent examples
  • Article Facebook
  • Consent
  • The consent statement
  • Consent tips
  • Keeping track of consent
  • Withdrawal of consent
  • Getting consent from children
  • Article Consent
  • Legitimate interests and the privacy notice
  • Access to information about processed personal data
  • Data minimization and purpose limitation
  • Labeling
  • Personal and sensitive data

3. Data usage

  • Data consistency
  • Access and portability
  • Access guidelines
  • Portability guidelines
  • Data restriction
  • Tracking and profiling
  • Profiling guidelines
  • Profiling example
  • Article Profiling
  • Data transfers
  • Data transfer exceptions
  • Article Data transfers

4. Data archival and disposal

  • Data archiving
  • Pseudonymization guidelines
  • Secondary purposes
  • Data erasure
  • Data erasure guidelines
  • Data disposal example
  • Data retention
  • Data retention example
  • Data register