Objektiver

Whether you are an EU citizen, non-EU resident, an employee, an entrepreneur, or a freelancer, have you ever opened a workplace e-mail or chat and felt your stomach drop because the words within have mis-represented you? Have you ever had to scramble to protect your reputation after experiencing repeated unfair performance-review, verbal or written harassment, discrimination, or toxic office gossips?

You are not alone-and you are not powerless. The General Data Protection Regulation gives you the right to read exactly what others say about you, correct their mistakes, and shut down unnecessary disclosures. It is proof that Europe protects humans, not just data-and on a daily basis, it can protect you against workplace abuse and exploitation long before workplace official “procedures” or legal aid would.

Beschreiwung

Module 1: Your Five Key Rights – Know, Correct, Delete, Limit, Complaint

What you’ll learn

• The entire GDPR is distilled into five plain-language sentences:
• Know? “I want to see my file.”
• Correct? “Please rectify that inaccuracy.”
• Delete? “Remove this data when it's no longer needed.”
• Limit? “Stop using this data until you fix it.”
• Complaint? “I’d like to complain to the data-protection authority.”
• Timing rules: the one-month deadline for data requests and when it can be extended.

Hands-on activity

• Work through five micro-scenarios, each illustrating one of the top forms of workplace abuse and exploitation:
• Unfair performance-review
• Verbal or written harassment
• Discrimination
• Toxic office gossips
• Unfair performance review abuse
• For each scenario:Identify which of your five rights applies.

Module 2: Fact or Opinion? – Detecting Mixed Personal Data in the Workplace

What you’ll learn

• Why can one record include data about multiple people and still be your personal data.
• How to recognise mixed personal data and apply the accuracy requirement when you see:
• Unfair performance-review
• Verbal or written harassment
• Discrimination
• Toxic office gossips
• A simple method to flag verifiable facts versus pure opinions.
• Why spotting factual errors unlocks your rights to access and correction, while still protecting others’ privacy.

Hands-on activity

Review five short examples, one for each abuse type: a mobbing chat, a biased HR note, a sexual-harassment rumor, a leaked personal file, and a flawed appraisal. Underline mixed data, circle the checkable facts, and box the opinions—then see which right protects each element.

Module 3: How to Request Your Data Under the GDPR

What you’ll learn

• Draft a clear, one-page access request that must be answered within one month, covering:
• Records of harassment or bullying complaints.
• Evidence of discriminatory remarks.
• Logs of performance-review comments.
• Copies of any unauthorised email CCs.
• Use a plain-language email template—no legalese required.
• When and how to escalate if workplace authorities stalls or refuses: reminder, formal notice, complaint to the data-protection authority.

Hands-on activity

• Complete five request templates, each targeting one of the abuse types.
• Then fill out the corresponding escalation template ready to send if you receive no response or an incomplete file.

Module 4: Identifying Inaccuracies & Exercising Your Right to Rectification

What you’ll learn

• How to spot errors in:
• Bullying or harassment notes.
• Discriminatory performance-review lines.
• Unlawful disclosures of your personal data.
• Choosing the right remedy—deletion, amendment, or annotation.
• How to draft a precise correction request that points to the exact error.
• Ensuring corrected information reaches everyone who saw the inaccurate data.

Hands-on activity

Role-play five correction meetings, one for each abuse scenario: present your evidence, invoke your right to fix the record, and secure a written commitment with a clear paper trail.

Module 5: Presenting Your Case to Workplace Authorities, DPO, or the Supervisory Authority

What you’ll learn

• How to compile and structure your evidence dossier for a meeting with HR or your Data Protection Officer: chronological summary, key facts, and supporting documents.
• Best practices for drafting a formal complaint to the data-protection authority: essential elements, cover-letter format, required attachments, and submission channels.
• Effective meeting etiquette: setting an agenda, taking minutes, and sending clear follow-up emails to document next steps.
• Techniques for tracking progress and deadlines: log entries, reminder systems, and escalation triggers if responses are delayed or unsatisfactory.

Hands-on activity

Choose one of the five abuse scenarios. Role-play a first meeting with HR or your DPO: present your multi-type dossier, request corrective action, and draft the minutes. Then prepare a formal complaint letter to the supervisory authority attaching the full evidence bundle and a submission checklist.