My client has a data protection officer, am I also obliged to do so?

Data Protection Officer

The figure of the Data Protection Delegate (DPD or DPO) has been one of the most important The figure of the Data Protection Officer (DPD or DPO) has been one of the most important innovations in the regulation of personal data protection in Spain and Europe, as it is a figure that acquires special relevance by becoming a key element in the supervision of compliance.

The creation of the figure of the DPD / DPO, appears with the final entry into force of the General Data Protection Regulation, EU 2016/679(GDPR), in May 2018.

Who is obliged to have a Data Protection Officer?

But it is with the entry into force of the new “LOPD”; Ley Orgánica 3/2018, de Protección de datos Personales y garantía de los derechos digitales(LOPDGDD), in December 2018, when its article 34 specifically determines the obligated subjects (companies or professionals) that must designate a DPD before the AEPD.

Some examples of activities obliged to have a Data Protection Officer:

The educational centers

Health care facilities (clinics, hospitals, etc. – legal entities)

Entities obliged to comply with the Money Laundering Prevention Law (construction, jewelry, tax advisors and auditors, etc.).

Professional associations and their general councils.

Etc.

What is a DPD and what is it for?

Broadly speaking, the DPD / DPO is a person appointed by the company, which may be part of its staff, or someone external (natural or legal person) who will be required to have professional qualities and, in particular, to have specialized knowledge of the law and practice in data protection, because it must meet very specific functions where it will be required to have this type of professional background.

Some of its functions are:

To inform about the obligations of the regulatory framework for the protection of personal data.

Monitoring compliance with mandatory provisions

Review of data protection policies

Audits and Training

Cooperate with the supervisory authority(AEPD) and act as a link between it and the company.

Etc.

If my client is required to have a Data Protection Officer, should my company appoint one?

If your company provides services that involve the processing of data under the responsibility of your client, on behalf of your client and your client is obliged to appoint a Data Protection OfficerIf your company provides services that involve the processing of data under the responsibility of your client and your client is obliged to designate a Data Protection Officer, your company must also designate one, in order to offer the same protection guarantees as your client.

The processor has the same obligations as the data controller, in accordance with the provisions of Article 28.1 of the RGPD and 33 of the LOPDGDD.

Business Adapter and its team of professionals will provide Data Protection Officer services in Valencia.

Count on us, we are an expert company in data protection Valencia / LOPD Valencia

[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]WE HELP YOU[/su_button]

Contact us, we will be pleased to help you.
error: Content is protected !!