Independent Study Resource
Data Privacy
Fundamentals
Edition v2.4
Coverage GDPR · ePrivacy · EU AI Act
Format Self-paced
A comprehensive educational library designed to help you understand complex privacy regulations. Structured, rigorous, and self-paced — built for practitioners and business owners alike.
01
Structured Modules
Curated curriculum breaking down the full Body of Knowledge.
02
Scenarios
Test your knowledge with difficult, real-world cases.
03
Progress Tracking
Visual analytics and persistent read states.
04
Always Updated
Reflects the latest guidelines and regulatory precedents.
Curriculum Overview
Master the regulatory landscape.
Origins & History
- Data protection power, people, and personal information
- Hesse (Germany) to Sweden: Early laws
- OECD Guidelines and CoE Convention 108
- Evolution: Directive 95/46/EC to GDPR
EU Institutions
- History of EU treaties and integration
- Institutions (Parliament, Commission, Council)
- Constitutional principles: Supremacy & Direct Effect
- The role of the CJEU in privacy
Core Concepts
- Personal Data vs. Special Categories (Art 9)
- The 7 Principles (Lawfulness, Fairness, Minimisation…)
- Controllers, Processors, and Joint Controllers
- Legal Bases for Processing (Art 6)
Data Subject Rights
- Right of Access (Art 15)
- Right to Rectification (Art 16)
- Right to Erasure – 'Right to be Forgotten' (Art 17)
- Right to Restriction of Processing (Art 18)
- Right to Data Portability (Art 20)
- Right to Object (Art 21)
- Auto-Decision Making & Profiling (Art 22)
Intl. Transfers
- Adequacy Decisions (Art 45) & The Schrems Legacy
- Standard Contractual Clauses (SCCs) & IDTAs
- Binding Corporate Rules (BCRs)
- Derogations for specific situations (Art 49)
Practical Ops
- RoPA: Building the Article 30 Record
- DPIA: Running Impact Assessments (Art 35)
- Breach Mgmt: Response & Notification (Art 33)
- PbD: Implementing Privacy by Design (Art 25)