GDPR & Data Protection (DPO)
Become the Data Protection Officer your organisation needs. Master the GDPR, Greek Law 4624/2019, records of processing, DPIAs, and breach response — with templates and real case studies.
GDPR & Data Protection (DPO) is a 35-hour program that prepares you to take on the Data Protection Officer role. It combines the legal framework with the operational practice of running data protection in a real organisation — grounded in the GDPR and Greek Law 4624/2019.
Who this course is for
It is built for current and aspiring DPOs, compliance and legal staff, IT managers, and consultants advising on data protection. It suits both private-sector and public-sector contexts, where DPO appointment is often mandatory.
What you will be able to do
You will interpret and apply the GDPR and Greek law, maintain records of processing activities, carry out Data Protection Impact Assessments, handle data subject rights requests, manage the data breach lifecycle including the 72-hour notification, and advise the organisation on lawful, accountable processing. You will work with ready-to-use templates throughout.
How it is taught
The course is heavily practical. Rather than reciting articles, you apply them to realistic scenarios drawn from Greek organisations — building a record of processing, scoping a DPIA, drafting a breach notification. You leave with a working toolkit, not just knowledge.
You finish ready to serve as a DPO or to advise organisations on meeting their obligations under EU and Greek data protection law.
Curriculum
GDPR foundations
Principles, lawful bases, and the rights of data subjects.
Greek Law 4624/2019
How national law implements and supplements the GDPR.
The DPO role
Responsibilities, independence, and position within the organisation.
Records & DPIAs
Maintaining the record of processing and conducting impact assessments.
Data subject rights
Handling access, erasure, and other requests in practice.
Breach management
The breach lifecycle, the 72-hour notification, and documentation.
Frequently asked questions
Is a DPO mandatory for my organisation?
It depends on your processing activities and sector. Public authorities and organisations whose core activities involve large-scale or sensitive processing generally must appoint one. The course covers exactly how to assess this.
Does the course cover Greek law specifically?
Yes. Alongside the GDPR, a full module covers Greek Law 4624/2019 and the role of the Hellenic Data Protection Authority, which is essential for organisations operating in Greece.
Will I get usable templates?
Yes. You work with templates for records of processing, DPIAs, and breach notifications that you can adapt for your own organisation.