What I do
Data Protection Officer as a Service (DPOaaS)
Data Privacy Management
Privacy by Design and by default: Project management & Advisory Services
Why Choose Me
Does your organisation need to appoint a dPO?
Under Article 37 of the GDPR, there are three main scenarios where the appointment of a DPO by a controller or processor is mandatory:
- The processing is carried out by a public authority.
- The core activities of the controller or processor consist of processing operations which require regular and systematic processing of data subjects on a large scale.
- The core activities of the controller or processor consist of processing on a large scale sensitive data or data relating to criminal convictions/offences.
Article 29 Working Party (“WP29”) states:
“Determining whether or not you need to appoint a DPO depends on the scope and scale of your data processing, and whether or not they pertain within reach of Article 37.”