Skip to content

Organizing knowledge in the field of protecting personal data

The European General Data Protection Regulation (GDPR, 2016) protects the rights of data subjects (individuals) by imposing obligations on controllers (companies and institutions) and processors of personal data. Guidelines from supervisors, rulings from judges and new and related legislation make it clear to individuals and companies how rights can be exercised and how obligations can be met. We maintain this awareness and training program for:

  • Companies and institutions that want to make their employees and management demonstrably aware and train them to effectively comply with legislation for the protection of personal data. When developing the program, we are guided, among other things, by the Guidelines of the European Data Protection Board (EDPB) and the Information Security and Privacy Advisory Board (ISPAB) of NIST; and
  • Persons who fulfill or aspire to a role in the field of privacy, information security and compliance, in particular the Data Protection Officer (as the legislator intends in Articles 37 to 39 GDPR and the EDPB elaborates in guidelines).

We provide the following programs

The program in the company-specific learning environment creates a clear approach, implementation and management of protecting personal data. This is not only effective but also cost-efficient. You can of course add company-specific programs to this program.

Privacy awareness program

Employees manage business processes in which personal data are processed (for example collecting, storing, reading, mutating or deleting). IT systems support business processes. Experience shows that a large proportion of incidents, data leaks and other breaches of company and personal data occur in the workplace.

We offer an awareness program that changes the behavior and attitude of employees and management towards protecting company and personal data.

Three-day training program to protect personal data

A frequently requested training program is the three-day training on protecting personal data. The training guides you through legislation, case law and decisions by supervisors that are relevant to your specific business activities. In the training you will learn what rights data subjects (persons) have, what legal obligations companies have and how your company can implement these.

One-day DPIA training program

With a Data Protection Impact Assessment (DPIA) you identify the risks of data processing. With a DPIA you lay the foundation for compliance with the GDPR in your organization.

The one-day DPIA training program discusses the legal framework and practical implementation of a DPIA.

Program “Data Breaches and Dawn Raids”

In this course we explain your rights and obligations and those of the supervisor in more detail and we practice with practical examples. In the workshop we simulate a situation in which the AP exercises supervision.

Data Protection Officer Training Program

The two-year post-bachelor level data protection officer training is in line with this broad role description in the GDPR. In addition to theoretical and legal knowledge, this training also provides practical skills aimed at taking effective management and security measures in a risk-oriented manner and organizing compliance with legal and contractual obligations.

You can participate in the courses and programs via open registration and via the company’s own learning environment.

Our services

Facilitating companies with the personal data protection program leads to the following services.

DPO Register

We include students who follow the Data Protection Officer training program in the DPO register. The register provides certainty that the DPOs knowledge is at a sufficient level to be able to perform the role of DPO.

Examination Committee

The Duthler Academy has an examination committee that is responsible for carrying out the OER. The committee also monitors the quality of the courses and programs that Duthler Academy offers. The committee is open to assessing company-specific courses and programs.

CE Program

The CE program is intended to keep the knowledge of DPOs and other professionals up to date and up to standard.

Accountability Seal Register

The legislator requires the controller and processor to account for the effective functioning of the management and security measures that they are obliged to take and to provide evidence thereof. MYOBI, a trusted third party, has developed and applies a compliance and accountability cycle for companies and institutions in accordance with the GDPR. For more information, see meeting (legal) accountability.

SBC Management System

The legislator obliges the controller and processor to keep registers of processing operations, of consents granted and of noted incidents and data leaks. We can place these obligations in an administration. In this administration, a controller and processor also record evidence of the effective functioning of the management and security measures taken. SBR Powerhouse manages such an administration and further expands the administration.

Advisory services and legal aid

The professionals at Duthler Associates advise on design and compliance issues and fulfill (temporary) roles such as that of the DPO. For more information, see Protecting personal data.

The lawyers at First Lawyers assist clients when the regulator knocks on a company’s doorstep, IT suppliers do not deliver what was agreed or a company comes into contact with unfriendly hackers. For information, see a selection from the Cases.

Frequently Asked Questions

Kunnen wij het trainingsprogramma beschermen van persoonsgegevens inzetten onze organisatie?

Yes. When administering the training program to protect personal data, we provide your company-specific learning environment. With the help of the learning environment, you have access to the logistics and, with the help of the program, the content for effectively organizing the protection of personal data.

Kunnen wij het trainingsprogramma beschermen van persoonsgegevens uitbreiden met onze eigen trainingsprogramma’s?

Yes. When you purchase programs, we provide the company-specific learning environment with which you can design, build, manage and apply programs yourself. We support self-build with the knowledge management training program.

Wie verzorgt het onderhoud van de cursussen en programma’s?

The professionals of Duthler Associates and lawyers of First Lawyers take care of the maintenance of the generic courses and the personal data protection program

Kunnen wij onze bedrijfsspecifieke leeromgeving gebruiken voor het organiseren van het beschermen van persoonsgegevens?

The company-specific learning environment provides the logistics for organizing knowledge management. The programs form the content for knowledge management. We offer various programs and the company can also design, build, manage and apply programs itself.

Latest news about protecting personal data


Do you have questions or need an appointment?

Feel free to contact us at +31 (0) 70 392 22 09 or servicedesk@duthleracademy.nl. Make an appointment with one of our training advisors.