GDPR For Dummies (Paperback)

Introduction 1

Part 1: Getting Started with GDPR 11

Chapter 1: Grasping the Fundamentals of GDPR and Data Protection 13

Chapter 2: Key Changes Introduced by GDPR 21

Part 2: The Key Principles of GDPR 37

Chapter 3: Digging In to Data: What’s Personal, What’s Sensitive, and How It’s Processed 39

Chapter 4: The Six Data Protection Principles 79

Chapter 5: Data Controllers and Data Processors 89

Chapter 6: Transfers of Data Outside of the EEA 101

Part 3: Key Documentation 117

Chapter 7: Building Your Data Inventory 119

Chapter 8: Penning a Privacy Notice 135

Chapter 9: Cookie Policy 145

Chapter 10: Drafting Data Processing and Data Sharing Agreements 159

Chapter 11: Writing Opt-In Wording 171

Chapter 12: Writing a Legitimate Interests Assessment Form 187

Chapter 13: Writing Other Documents 195

Part 4: Data Subject Rights, Protection, and Security 203

Chapter 14: Data Subject Rights 205

Chapter 15: Data Protection by Design and by Default 229

Chapter 16: Data Security 243

Chapter 17: Data Breaches and Reporting Obligations 267

Part 5: The Workplace, Marketing, and Beyond 285

Chapter 18: GDPR and the Workplace 287

Chapter 19: Keeping Your Marketing GDPR-Compliant 311

Chapter 20: Children, Charities, and Associations 225

Chapter 21: Supervisory Authorities, Remedies, Liabilities, and Penalties 351

Part 6: The Part of Tens 369

Chapter 22: Ten GDPR Resources 371

Chapter 23: Ten Must-Have Skills for the DPO 379

Chapter 24: Ten Ways to Train Employees to Be Good Stewards of Data 385

Part 7: Appendixes 393

Appendix A: Upcoming Changes to Data Protection Laws 395

Appendix B: List of Supervisory Authorities 403

Appendix C: GDPR Checklist 409

Appendix D: Glossary 419

Index 425