Data Protection Officer
A data protection officer is responsible for protecting all data in a company. First and foremost personal data. This can be determined internally as well as employed externally.
A data protection officer becomes mandatory if more than 20 people are employed in a company and personal data is constantly being processed. In addition, as soon as it is a public body and the core activity consists of processing special categories of personal data (Art. 9 GDPR). In addition, as soon as data subjects are regularly and systematically monitored (profiling), a data protection officer must also be appointed.
A DPO is named on the basis of their specialist knowledge and professional qualifications. In addition, he must be able to perform tasks in accordance with Article 39 GDPR. All regulations regarding a data protection officer can be found in Article 37 GDPR.
Die Aufgaben (Art. 39 DSGVO) des Datenschutzbeauftragten ergeben sich aus: