Personal data protection in recruitment


Personal data protection in recruitment

Information Security Privacy and Data Protection

What problem does this training solve?

Due to the rapid development of new technologies and the constantly growing scale on which personal data are processed, the need for more restrictive protection of the rights of natural persons has arisen. On 25 May 2018, the Regulation of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, i.e. the General Data Protection Regulation, came into force.

The aim of the training is to discuss the provisions of the General Data Protection Regulation (GDPR) and related provisions including, for example, the new Personal Data Protection Act, the Labor Code, regulations regarding the storage of employee files or provisions on video monitoring in the context of their application in the daily functioning of public entities and private entities.

The training will consist of several thematic blocks and within each of the blocks short practical exercises will be carried out, the aim of which is to build skills related to the correct interpretation of legal provisions and the proper application of the General Data Protection Regulation.


1. Introduction to the new data protection regulations.

  • Why was it necessary to introduce changes in the legal system regarding the protection of personal data?
  • What is the territorial scope of application of the provisions of the General Data Protection Regulation?
  • Who is affected by the General Data Protection Regulation?

2. Discussion of basic issues related to the protection of personal data:

  • What is personal data and what are the types of personal data?
  • What is the meaning of the concept of personal data processing?
  • What is a personal data controller and a joint controller?
  • When do we deal with biometric data?
  • Sharing personal data and entrusting personal data.
  • Grounds for the processing of personal data.

3. General obligations of the controller of personal data.

  • What does the new data processing documentation look like?
  • How to fulfill information obligations towards persons whose data is processed?
  • Protection of personal data.
  • Obligation to report personal data breaches.
  • Rights of data subjects – right to access data, right to erasure, right to data portability.
  • Profiling of natural persons.
  • Data protection impact assessment.

4. Exercise of the functions of the Data Protection Officer.

  • When is the appointment of a Data Protection Officer mandatory?
  • What are the differences between the role of Information Security Administrator and Data Protection Officer?
  • What are the duties of the Data Protection Officer?
  • How to conduct a data protection compliance audit?

5. Other areas of personal data protection.

  • Discussion of the draft of the new law on the protection of personal data.
  • Discussion of the draft labour code from the point of view of the provisions on the protection of personal data.
  • System for imposing financial penalties for data protection breaches.
  • Data protection by design ("Privacy by Design")
  • Processing of children's personal data.
  • Codes of conduct and certification in the field of personal data protection.
  • Transfer of data to third countries.


Available as on-line course
This training is available as live on-line course
Available as Video on Demand
30 lipca 2019 22:36
Target groups

Relevant services

Relevant training sessions