The course takes place in an online format, with classes conducted remotely according to the specified schedule.

The ongoing technological evolution has imposed the need to integrate technological sciences with law. Today, Data Protection Law is one of the fastest-growing fields in both practical application and scientific development. Indeed, with the implementation of the General Data Protection Regulation (GDPR), Data Protection Law has gained indisputable relevance as an autonomous legal discipline, due to the necessity of harmonizing public and private law, as well as national and European law.
Information has become a valuable asset for any company or organization aiming to remain competitive. New technologies compel businesses of various sizes and sectors to modernize and embed digital culture into their daily operations. However, increased access to information technologies also introduces vulnerabilities, ranging from simple to highly complex. Consequently, the use of security mechanisms is indispensable for organizational survival. In fact, information security has long ceased to be merely a necessity and has become a priority.
In light of this reality, the Postgraduate Program in Personal Data Protection, Privacy, and Cybersecurity in the EU aims to provide, in summary, a foundational theoretical preparation on personal data protection through the understanding of applicable legal concepts—both from European and national law. It also seeks to familiarize students with the competent authorities in this field and to address various emerging aspects of privacy protection, as well as the essentials of the European legal framework on cybersecurity.

This 10th edition of the Postgraduate Program, consisting of 60 sessions (90 hours), features the participation of renowned national experts in the subjects covered by the course curriculum.

• To provide fundamental scientific training on personal data protection through the understanding of applicable legal concepts, both from European sources and national law, based on the new General Data Protection Regulation (GDPR).
• To provide knowledge about the authorities responsible for this area.
• To provide knowledge about the authorities responsible for this area.
• To address the European legal framework on cybersecurity.

The Postgraduate Program in Personal Data Protection, Privacy, and Cybersecurity in the EU is specifically designed to provide scientific training in this field to business owners, senior executives—particularly human resource managers and Data Protection Officers (DPOs)—as well as to update the knowledge of professionals already working in the judiciary, legal practice, and related legal areas.
Primary Target Audience:
I – Data Protection Officers (DPOs)
II – Business Managers
III – Human Resources Managers
IV – Senior Staff (notably from Compliance and IT departments)
V – Lawyers
VI – Holders of Master’s Degrees in Law, Computer and Telecommunications Engineering, Economics, and Business Management
VII – Undergraduate Students in Law, Computer Engineering, Management Information Systems, Economics, Business Management, and Human Resources Management

Opening Conference
1,5 hours_0,5 ECTS

Rights to Personal Data Protection

• Historical Evolution
• Personal Data Protection as a Fundamental Right: Constitutional and Civil Safeguards for Individuals
• Concept of Personal Data
• Rights of Data Subjects
• Principles of Personal Data Processing
• Lawfulness of Personal Data Processing
• Analysis of Consent

12 hours_3 ECTS

The Data Subject and Data Processing Responsibility

• The Data Controller
• The Subcontractor and the Data Processing Agreement (DPA)
• The Role of the Data Protection Officer
• Data Processing Agreements / Confidentiality Agreements
• Privacy Policy and Cookie Policy
• Data Security and Data Processing Impact Assessment

12 hours_3 ECTS

The Special Law of Personal Data Protection

• Data Protection in Criminal Law and Criminal Procedure
• Data Protection in Juvenile Law
• Data Protection in Medical Law
• Artificial Intelligence, Health, and Law
• Data Protection in Labor Law
• Data Protection in Electronic Communications
• Data Protection in E-Commerce
• Protection of Banking Data
• Money Laundering
• Marketing, Advertising, and Data Protection

21 hours_5,5 ECTS

Specific Situations of Personal Data Processing

• Freedom of Expression and Information
• Data Protection and Professional Confidentiality
• Cross-Border Flows of Personal Data

7,5 hours_2 ECTS

Supervision and Litigation

• Status of the National Supervisory Authority
• Procedural, Sanctioning, and Liability Regime
• Administrative Litigation and the Implications of the GDPR on the Application of the Administrative Procedure Code

6 hours_2 ECTS

Cybersecurity

• Constitutional Law of Cyberspace
• Information Security
• Physical Security (CCTV/Data)
• Cybersecurity and Cyber Resilience
• Cybercrime

19,5 hours_5 ECTS

Audits and Certifications

• Accreditation, Certification, and Codes of Conduct – 3 hours
• Fundamentals of Information Security (ISO 27001 and 27002) – 6 hours

9 hours_ 2,5 ECTS

Closing Conference
1,5 hours_0,5 ECTS

Dr. Cristina Caldeira
Dr. Graça Canto Moniz
Dr. Lurdes Dias Alves
Dr. Pedro Dias Venâncio
Dr. Pedro Trovão do Rosário
Dr. Raquel Brízida de Castro
MSc Ana Paula Lourenço
MSc Florbela Jorge
MSc João Paulo Ribeiro
MSc Lino Santos
MSc Marco Alexandre Saias
MSc Nuno Neves
Dr. Filipa Dias Alves
Dr. Rogério Bravo
Dr. Tiago Cabanas Alves