Tasks of the data protection officer

Tasks of the data protection officer:

  1. to inform and advise the controller or the processor and the employees who carry out processing of their obligations pursuant to the General Data Protection Regulation of 27 April 2016 and to other Union or Member State data protection provisions;
  2. to monitor compliance with the General Data Protection Regulation of 27 April 2016, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising, and training of staff involved in processing operations, and the related audits;
  3. to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35 of the General Data Protection Regulation of 27 April 2016;
  4. to cooperate with the supervisory authority;
  5. to act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36 of the General Data Protection Regulation of 27 April 2016, and to consult, where appropriate, with regard to any other matter.

The data protection officer shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.