Certified Information Privacy Professional Europe (CIPP/E)

2,195.00  excl. VAT

Duration: 2 days;

Prerequisites: None;

Instructor: Jorge Carrilllo,, PhD; (Certified Data Protection Officer GDPR-P, GDPR-F PCI ISA (PCI SSC Internal Security Assessor) and PCI Professional (PCIP); Microsoft Certified Trainer; Certified Professional in Accessibility (CPACC); PMI-ACP, PMP, PRINCE2 Practitioner 2009 and 2017 edition; ITIL Foundations; CIPP/G, CIPP/US, CIPP/E, CIPP/C, CIPM, CIPT; FIP; CISSP; Data Protection Compliance in the EU).

Delivery dates: February 4th – 5th  2019 (MON – TUE);

Location: Conference Room, VITOSHA Park Hotel, 1, Rosario Str., Sofia 1700, Bulgaria.


Note to international travelers:

This course will be delivered in Sofia, Bulgaria. Sofia Airport is easily accessible from all major airports around the world. Learn Valley ltd. provides all international travelers with advice and support prior to and during their trip. Learn Valley Ltd. will welcome international travelers at Sofia Airport and arrange for transportation to their hotel of choice. The hotel where the event will take place (VITOSHA Park Hotel) offers single standard rooms in the range~EUR 50 per night.  EU businesses registered outside of Bulgaria will not be charged VAT on the tickets for the course due to the EU reverse charge mechanism.


Founded in 2000, the IAPP is the world’s largest and most comprehensive privacy resource with a mission to define, support and improve the Privacy profession globally. Every day, we access, share, manage and transfer data across companies, continents and the globe. Knowing the ins and outs of data protection requirements gives you the information you need to stay ahead of breaches—and help you advance your career. The Principles of Data Protection in Europe training covers the essential pan-European and national data protection laws, as well as industry-standard best practices for compliance with these laws. The General Data Protection Regulation (GDPR) takes effect in 2018 and CIPP/E gives you comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe.

What you will learn:

  • Introduction to European Data Protection;
  • European Regulatory Institutions;
  • Legislative Framework;
  • Compliance with European Data Protection Law and Regulation;
  • International Data Transfers.

What can the CIPP do for you?

It will show the world that you know privacy laws and regulations and how to apply them, and that you know how to secure your place in the information economy. When you earn a CIPP credential, it means you’ve gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more.

Developed in collaboration with the law firms, Bird and Bird, Field Fisher, Wilson/Sonsini and Covington and Burling, the CIPP/E encompasses pan-European and national data protection laws, key privacy terminology and practical concepts concerning the protection of personal data and trans-border data flows.

With the power of ANSI/ISO accreditation behind it, a CIPP/E credential elevates your professional profile by deepening your knowledge and improving your job effectiveness. We constantly update our certification exams, textbooks and training to reflect the latest advances in privacy. The CIPP/E includes critical topics like the EU-U.S. Privacy Shield and the GDPR.

When the GPPR takes effect in 2018, among its mandates is the requirement to appoint knowledgeable DPOs (data protection officers) tasked with monitoring compliance, managing internal data protection activities, training data processing staff, conducting internal audits and more. There’s a lot to know, there’s a lot at stake and there’s a lot of opportunity for privacy professionals with the right training and education.

Achieving a CIPP/E credential shows you have the comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe—and to take advantage of the career opportunity this sweeping legislation represents.

Add a CIPM credential to the CIPP/E and you’ll be uniquely equipped to fulfill the DPO requirements of the GDPR. The CIPP/E relates to the knowledge a DPO must have concerning the European legal framework of the legislation, and the CIPM the theoretical aspects necessary to lead an organization’s data protection efforts.

About the instructor, Jorge Carrillo PhD:

Jorge Carrillo PhD is an enthusiastic InfoTech advisor since 2000 in the areas of IT, Compliance, Project Management and InfoSec.

Jorge Carrillo obtained his PhD in applied Informatics at the Faculty of Informatics at Masaryk University in Brno. After his studies, Jorge has been helping international organizations to address complex security and compliance challenges.

Jorge is an active contributor to the IT Industry. He has participated as a speaker at few international conferences, and delivered lectures and workshops at Czech Universities to promote good practices in different topics of Information Governance and Project Management since 2011.

Target Audience

  • Chief Privacy Officers (CPOs);
  • Privacy Professionals;
  • Legal Compliance Officers;
  • Risk Managers;
  • Security Officers (CISO);
  • Security Managers;
  • CISSP/CISM/CISA certified professionals;
  • Data Protection Officers;
  • Data Protection Lawyers;
  • Records Managers;
  • Information Officers;
  • Compliance Officers;
  • Human Resource Officers;
  • Anyone who uses, processes and maintains personal data.

Course Objectives:

Principles of Data Protection in Europe covers the essential pan-European and national data protection laws, as well as industry-standard best practices for corporate compliance with these laws. Those taking this course will gain an understanding of the European model for privacy enforcement, key privacy terminology and practical concepts concerning the protection of personal data and trans-border data flows. The training is based on the body of knowledge for the IAPP’s ANSI accredited Certified Information Privacy Professional/Europe (CIPP/E) certification program.



Course outline:

  • Module 1: Data Protection Laws . Introduces key European data protection laws and regulatory bodies, describing the evolution toward a harmonised legislative framework.
  • Module 2: Personal Data. Defines and differentiates between types of data, including personal, anonymous, pseudo-anonymous and special categories.
  • Module 3: Controllers and Processors : Describes the roles and relationships of controllers and processors.
  • Module 4: Processing Personal Data. Defines data processing and GDPR processing principles, explains the application of the GDPR and outlines the legitimate bases for processing personal data.
  • Module 5: Information Provision. Explains controller obligations for providing information about data processing activities to data subjects and supervisory authorities.
  • Module 6: Data Subjects’ Rights. Describes data subjects’ rights, applications of rights and controller and processor obligations.
  • Module 7: Security of Processing. Discusses considerations and duties of controllers and processors for ensuring security of personal data and providing notification of data breaches.
  • Module 8: Accountability. Investigates accountability requirements, including data protection management systems, data protection impact assessments, privacy policies and the role of the data protection officer.
  • Module 9: International Data Transfers. Outlines options and obligations for transferring data outside the European Economic Area, including adequacy decisions and appropriate safeguards and derogations.
  • Module 10: Supervisions and Enforcement. Describes the role, powers and procedures of supervisory authorities; the composition and tasks of the European Data Protection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for non-compliance.
  • Module 11: Compliance. Discusses the applications of European data protection law, legal bases and compliance requirements for processing personal data in practice, including employers processing employee data, surveillance, direct marketing, Internet technology and communications and outsourcing.