The data protection training focuses on the importance of GDPR (General Data Protection Regulation) and its implementation within the company’s context. During the training, you will learn how to adapt your company’s data protection policy in accordance with GDPR requirements. The training also covers key GDPR principles and best practices.

  • How to assess whether your company’s data processing meets GDPR requirements?

The first part of the training focuses on how to assess your company’s data processing in terms of GDPR requirements. We will learn what the main principles of the GDPR are and what rights data subjects have. In addition, we will explore the company’s obligations when appointing a data protection officer and responding to data subject requests. We will also discuss the importance of data protection risk assessments and how to conduct them. This part will help participants understand how to audit their business to ensure compliance with GDPR requirements.

  • Do your company’s software solutions and databases meet the technical and legal requirements of GDPR?

In the second part, we will explore in depth the technical and legal requirements of GDPR concerning the company’s software solutions and databases. We will learn how to plan data processing to align with GDPR principles, including data protection specifications and security. Additionally, we will discuss ensuring lawful data processing and how to document and retain necessary evidence to meet legal requirements. Participants will learn how to adapt their technical and legal infrastructure to meet the needs of GDPR.

  • Do you have impact assessment documentation that complies with GDPR requirements?

In the third part, we will explore the importance of GDPR impact assessment documentation and how to properly create and maintain it. We will explain when an impact assessment is necessary and the content and structure requirements according to the GDPR. We will also focus on the updating of impact assessments and its links to data protection risk analysis. Participants will learn how to document and assess the impacts of data processing for both the organization and data subjects and how to comply with GDPR requirements in this context.

In summary, this training will provide the participants with a comprehensive understanding of GDPR requirements, with a focus on their legal aspects. Participants will gain knowledge on how to assess, plan, and document data processing in accordance with GDPR requirements and ensure their company’s data processing is GDPR-compliant. They will also learn how to create and maintain necessary documentation and how to respond to legal requirements and audits.

gdpr koolitus -Andres Ojaveer

Trainer: Andres Ojaver

Hedman’s data privacy counsel Andres Ojaver assists associates mainly in matters regarding data protection. He has obtained the prestigious CIPP/E certificate from IAPP, which is the largest and most comprehensive information-privacy organization in the world.

Getting this certificate, shows that person has comprehensive GDPR knowledge, perspective, and understanding to ensure compliance and data protection success in Europe. Andres has previously worked in Estonian Data Protection Inspectorate as a Supervisory Director and as a Data Protection Officer in Telia Estonia.

This position was much related to foreign cooperation and data protection on the European level which has given him a wide range of theoretical and practical experience of legal requirements and how to implement data protection in organizations. Andres was a member of several international supervisory authorities and also vice-president of one.

Andres also teaches data protection on the expert level as a visiting lecturer at Tallinn University of Technology.

GDPR - Toomas Seppel

Trainer: Toomas Seppel

Hedman’s partner Toomas Seppel specializes in law pertaining to the technology industries. He is working with various start-ups, gaming, FinTech, e-commerce, and SaaS companies. He also takes a proactive stance on the current concern with privacy and data laws, advising companies on the building of products and services that comply with the General Data Protection Regulation (GDPR). Since 2018, he is the founder of GDPR Register, a legal tech company providing software for GDPR compliance.

He actively mentors startup companies through PrototronClimate Launchpad, and Tehnopol programs.

Contact us!

Did you find a suitable training or would you like more information?

Get the latest about Hedman law firm


Our memberships:
FinanceEstonia, Lexing®,
Estonian Service Industry Association,
Estonian Chamber of Commerce and Industry,
EstVCA, EstBan, FECC,
IBA & IBA European regional Forum