Data Protection Officer

You are here:
< Back

The role of a data protection officer (DPO) is to work within the organisation as a representative for data subject rights.  They must be able to inform and advise both the controller and the processor of their obligations, monitor compliance within the organisation, provide advice on assessments such as Data Protection Impact Assessments etc and be a point of contact for both the data subjects and the supervisory authority.

Not all organisations must appoint a DPO but one must be appointed if:

In practical terms, where a DPO is not required by the regulation a responsible person should be assigned to the management of data protection practices within an organisation to carry out the tasks required by the organisation.

It is acceptable for a DPO to be independent of the organisation and many of ProvePrivacy’s partner network provide a DPO as a service offering.