Intensive data protection course

GDPR Data Privacy Manager

Intensive course GDPR DPM (Data Privacy Manager). How to implement GDPR in practice and organize the work of the project team.

Do you know these problems?


You took the DPP course, but you are afraid to act, because you think that you still don’t know something or don’t know how.


Some steps have already been taken to implement the GDPR, but the work hasn’t been completed and the enthusiasm has disappeared.


You are aware that you are violating the rules for personal data protection, but you don’t have enough time and human resources, power and support of management.


You are concerned about the release of ISO 27701 and realize that soon your competitors may have a certification that you don’t have.

After training:

The DPM course will help you master practical tools or remember the tools you already have. You will start using the same frameworks and tools (Nymity accountability framework) that we use in working with our corporate clients to bring their organizations into compliance.

We took the content from ISO27701 and moved it to the effective working tools that are available in Nymity. This is why you will get our unique two-in-one model for the first time in the DPM course: learn the standard and get working tools to implement it.

You will learn how to create a plan and matrix of responsibilities, and evaluate resources for their implementation. Management will take you more seriously if you come with more than just an idea, but have a well-developed plan and are ready to take leadership and responsibility for its implementation.

For whom?

For employees of the company who are responsible for organizing the protection of personal data, in particular, for:


DPOs (Data Protection Officers).


Head of information security, legal or compliance departments.


Line and project managers.

Our advantage

We provide a complete Roadmap

Our company doesn’t just offer separate GDPR services, but provides a complete Roadmap (implementation roadmap) and guides companies through all steps of implementing GDPR requirements.

Theory + practise

During the course, we provide not just theory, but also real-world cases, practical examples, and best practices from our GDPR Roadmap+ experience in companies of various sizes (from startups to international corporations), industries (from IT and FinTech to manufacturing), and maturity levels.

After the course you will:

Our course covers theory, real-world cases, practical examples, and best practices from our experience with GDPR Roadmap+ in companies of all sizes, industries, and maturity levels.


You can organize processes within the company according to ISO27701.

This will give you unique competencies and give your company a marketing advantage. This means that you will stand out from the competition and will be able to get more orders and loyal customers.


You will be able to achieve concrete results.

Previous investments (including training and practical steps) will not be in vain, and the initiatives started in the company will lead to results and multiply.


You will get a ready-made algorithm of actions in 4 days.

Instead of independently searching for methods, trial and error, you will get a ready-made algorithm of actions in 4 days. This is not the only way to reach the goal, but you will know it well. After all, as they say, the fastest road is the road that you know well.


We will learn how to apply them in practice.

All this system will be reflected in the clear schemes that our coach Siarhei Varankevich is famous for. And in the future, looking at them, it will be easy for you to navigate what to do and how.


You will be able to organize the work on personal data protection.

It does not be only on paper, but also implemented at the level of specific actions and processes.


You сan stop worrying about GDPR-compliance.

Stop worrying that someone will find a discrepancy between what you have written on paper and what is happening in reality.


You will feel the significance of your contribution and satisfaction with the results.

You will stop feeling that you are not being heard or taken seriously by your recommendations. 


You will be able to put your work with personal data in order.

Thus, you not only comply with the Regulations, but also speed up business processes, increase efficiency, and protect the company and customers from risks.


You will get more inspiration and motivation.

When you have a clear understanding of what to do and have all the tools you need, it will give you more inspiration and motivation. This will make it easier to engage other employees and get support from management.


The DPM certificate is a recognition of your higher level of competence in the field of personal data protection.

When you can launch a working system in your company and really come to compliance, it will really set you apart from your competitors, who still remain only at the level of documents and instructions that no one follows.


January 15 - 31

  • Concepts of privacy, data privacy, data protection. Types of privacy.
  • Analysis of information assets, business needs, and regulatory and contractual requirements
  • Organizational entity dealing with data protection
  • Needs and expectations of stakeholders
  • Scope of privacy programme
  • Governance models of privacy programme
  • Nymity Accountability Status Workbook
  • Nymity Data Privacy Accountability Scorecard
  • Assessment and treatment of the data privacy risks
  • Selection and implementation of controls
  • Internal policies
  • Policy types
  • Determination of the necessary resources and their allocation
  • Acquisition and maintenance of competencies
    Raising Awareness
  • Internal communication
  • External communication
  • Support of management and other stakeholders
  • Role and Responsibility Matrix for GDPR implementation
  • Distribution of responsibilities with RACI Chart
  • Privacy Team
  • Data Protection Officer
  • Process approach
  • Maintaining the records of processing activities (Data register) under the GDPR
  • Conducting Data Protection Impact Assessment (DPIA)
  • Assessing vendors
  • Processing requests from personal data subjects (DSARs)
  • Data breach notification
  • Conditions for collection and processing
  • Obligations to data subjects
  • Privacy by design and privacy by default
  • Sharing, transfer and disclosure of personal data
  • Monitoring, measurement, analysis and evaluation
  • Audits, their stages and types
  • Nonconformity and corrective action


Siarhei Varankevich


Founder of DPO Europe GmbH. Data Protection Trainer and Principal Consultant.
Siarhei Varankevich FIP is the founder of the international data protection consultancy, Data Privacy Office. He provides consultation on the European GDPR and Emirati PDPL. He is the author and instructor of GDPR DPP, GDPR DPM, and UAE DPO data protection training courses. He is a certified professional (CIPP/E), manager (CIPM), and technologist (CIPT) in information privacy. Siarhei is also the chief editor of, an online guide to the EU General Data Protection Regulation.

Sign up

Fill out the form and we will contact you as soon as possible!

Contact Sales

Learn what Data Privacy Office Europe can do for you.

Fill out the form and we will contact you as soon as possible!

Sign up

Fill out the form and we will contact you as soon as possible!