Period:  16.05.2018
Organiser:  е-Commerce Academy
Lecturers:  Alexandra Tsvetkova

Alexandra Tsvetkova, Director of LIBRe Foundation and an expert on legal aspects of information technology and personal data protection, led a training on the new aspects of personal data protection focusing on the basic principles of lawful processing, the duties of an organization as a data controller or a data processor including with respect to their employees’ duties, the Regulation 2016/679 compliance framework and the implementation of the necessary technological and organizational measures to achieve this compliance.

The purpose of the seminar was to provide the attendees with an understanding of the categories of personal data processed by their organizations, and how information flows and links in the exchange of information within the organization and between the organization and third parties affect the rights of their users, customers and partners; to clarify what organizational, legal and technical measures the organization has to undertake to protect the personal data being processed by the organization and how this affects the work of the employees and the communication with third parties; as well as providing detailed information on the ways of achieving compliance with the requirements of the General Data Protection Regulation (GDPR).

The training was complemented by two specialized sessions dedicated to: (a) data processing at work, including from monitoring ICT usage at the workplace, involving vehicles used by employees, using video monitoring or access control systems, as well as the specifics of data processing based on periodic update of the health status of the employees; and (b) preparation and visualization of Privacy Policies and the adaptation of the e-commerce platforms’ functionalities to the GDPR requirements.