Data protection officer
The duties of the Data Protection Officer are prescribed by Article 39 of the General Regulation, according to which the Data Protection Officer performs at least the following tasks:
- informing and advising the Head of Processing and other processing staff on their obligations under the Regulation and other European Union or Member State data protection provisions;
- monitoring compliance with the Regulation and other European Union or Member State data protection provisions and policies of the Head of Processing in relation to data protection, including the allocation of responsibilities, raising awareness, and training of staff involved in processing operations and related audits;
- providing advice, when requested, on the assessment of data protection efficacy, and the monitoring of its implementation in accordance with Article 35;
- cooperation with the supervisory board;
- acting as a contact point for the supervisory board on processing issues, including prior consultation as referred to in Article 36 and consultation, as appropriate, on all other matters.
In performing his tasks, the Data Protection Officer shall take into account the risk associated with the processing operations and shall take into account the nature, scope, context and purposes of the processing.