Postgraduate Degree in Personal Data Protection, Privacy and Cybersecurity in the EU
Scientific Area
The course takes place online, with classes held remotely at the indicated times.
We live in an era where information and personal data are asserting themselves as strategic resources with high economic and social value. Constant technological evolution has imposed the need for close collaboration between technological sciences and law, giving rise to new branches of specialization and highly complex regulatory challenges.
Personal Data Protection Law is today one of the legal fields with the greatest practical and scientific development, assuming an indisputable relevance regarding its autonomy. This evolution largely results from the need for articulation between public and private law, as well as between domestic and European law, in a context where the circulation and processing of data transcends borders and sectors.
The entry into force of the General Data Protection Regulation (GDPR), published on May 4, 2016, and fully applicable since May 25, 2018, represented a true transformation in the European framework for privacy protection. The new regulation introduced profound changes to the applicable legal regime, strengthening the rights of individuals and imposing increased obligations of responsibility and transparency on public and private entities.
Since then, the European regulatory landscape has been consolidating with new complementary legislation, such as the NIS2 Directive, the AI Act, the Data Governance Act, the Data Act, and the Cyber Resilience Act, which reinforce the need for an integrated approach between legal protection, technological security, and organizational management.
It is within this context that the Postgraduate Program in Personal Data Protection, Privacy and Cybersecurity in the European Union is situated, whose 10th edition aims to offer up-to-date and excellent training, articulating theoretical foundations with practical application.
- A solid theoretical foundation in data protection, utilizing fundamental legal concepts from both European and national sources.
- Knowledge of the competent bodies in this area, with particular emphasis on the CNPD, the EDPB and the role of the CJEU.
- An in-depth study of organizational obligations, compliance functions (with a special focus on the Data Protection Officer – DPO), and the challenges associated with international transfers and conducting impact assessments.
- A practical and applied approach to cybersecurity, exploring both regulatory requirements and the technical and organizational measures necessary for risk mitigation.
- An analysis of emerging challenges, such as artificial intelligence, blockchain, big data, IoT, 5G, and the metaverse, always from a perspective of articulation between law and technology.
- To provide advanced and interdisciplinary training in data protection, privacy, and cybersecurity, based on the General Data Protection Regulation (GDPR), Law No. 58/2019, the ePrivacy regulation, the NIS2 Directive, and other European and national legislation.
- To enable course participants to understand and apply the legal and technical principles of data protection, linking law with technological sciences.
- To train qualified professionals to perform leadership and responsibility roles in terms of compliance, information security, and privacy governance.
- To promote critical and practical analysis of real-world cases and case law, preparing participants to respond to emerging challenges in complex organizational environments.
This postgraduate program is aimed at professionals who wish to specialize or update their skills in data protection, privacy, and cybersecurity, encompassing lawyers, judges, compliance managers, IT and security managers and specialists. It is particularly suitable for Data Protection Officers (DPOs), human resources managers, senior executives and business owners, as well as professionals in legal and regulatory fields who wish to strengthen their scientific and applied preparation in this area.
Target principal:
I. Data Protection Officers;
II. Company managers;
III. Human resources managers;
IV. Senior executives (especially in the areas of compliance and information technology);
V. Lawyers and legal professionals;
VI. Masters in Law, Computer Engineering and Telecommunications, Economics and Business Administration;
VII. Undergraduate students in Law, Computer Engineering, Management Information Systems, Economics, Business Administration and Human Resources Management.
Opening Conference
1.5 hours_0.5 ECTS
Fundamentals and Legal Framework
12 hours_4 ECTS
Functions, Responsibilities and Compliance
15 hours_5 ECTS
Cybersecurity Applied to Data Protection
16.5 hours_5.5 ECTS
Emerging Technologies and Challenges
7.5 hours_2.5 ECTS
Risk Management and Incident Response
16.5 hours_5.5 ECTS
Sectoral Contexts
16.5 hours_5.5 ECTS
Case Studies
3 hours 1 ECTS
Closing Conference
1.5 hours_0.5 ECTS
Doutora Cristina CaldeiraDoutora Graça Canto MonizDoutora Lurdes Dias AlvesDoutor Pedro Dias VenâncioDoutor Pedro Trovão do RosárioDoutora Raquel Brízida de CastroMestre Ana Paula LourençoMestre Florbela JorgeMestre João Paulo RibeiroMestre Lino SantosMestre Marco Alexandre SaiasMestre Nuno NevesDrª. Filipa Dias Alves Dr. Rogério BravoDr. Tiago Cabanas Alves
Testimonials
Next Edition: November 4, 2025
Teaching Regime: Online
Duration: 90 hours
ECTS: 30 – Under review by the UAL Scientific Council
Time: Tuesdays from 7:00 PM to 10:30 PM, Thursdays from 7:00 PM to 10:30 PM
- Registration fee: €150
- Registration fee: R$ 100
- Certificate of qualifications: €75
- Fee: €1,450*
Payment can be made in 5 monthly installments or in full with a 3.5% discount.
*Former students of AUTÔNOMA receive a 10% discount on their monthly tuition fees.
- Original or certified copy of the Qualifications Certificate (a)
- Color photograph
- Curriculum vitae.
(a) Qualifications obtained at the Autonomous University do not require authentication. In the case of qualifications obtained abroad, in addition to the authentication of the copy(ies) described above, authentication by the Portuguese Embassy or Consulate in the country of origin of the academic qualification or by the Apostille of the Hague Convention is required. If the documents are not in Portuguese, translation of the documents by a translator recognized by the Portuguese diplomatic representation will be required.
Registration will only be validated upon payment of the fee and delivery (within a maximum of 30 days) of all requested documentation.
Failure to submit the aforementioned documents invalidates the registration and prevents attendance at the course.
