Why appoint a Data Protection Officer (DPO)?
The main mission of a Data Protection Officer or DPO is to ensure that the body that appointed him or her complies with the legal framework relating to personal data. The function of Data Protection Officer (DPO) is a key element of co-regulation, through practice. This objective is achieved through the following missions :
· Inform and raise awareness, spread a culture of data privacy
· Ensure compliance with the legal framework (PIA, privacy by design, notifications)
· Inform and empower, alert if necessary, its controller
· Analyze, investigate, audit, control
· Establish and maintain documentation under the accountability principle
· Interact with data subjects
· Submit an annual report to its controller
· Interact with the regulation authority (ICO, CNIL)
The DPO does not assume the legal responsibility of the controller for compliance.
What skills are required of a Data Protection Officer (DPO)?
The DPO profession requires expert skills in the following fields :
· legal : understanding of the legislative texts and case law regulating the processing of personal data
· technical/technological : mastery of information systems, IT, cyber-security aspects, information and communication technologies (algorithms, Artificial Intelligence, IoT, Industry 4.0, etc.), mathematics (cryptology), data protection and privacy by design and by default (DP by design and by default; security by design)
· operational : design and implement the “data privacy” program, to get employees to support the data privacy program, train employees / subcontractors, lead the network of internal and external stakeholders
· linguistic : proficiency in the languages spoken by the data subjects (French, English, German)
· behavioural skills : getting your employees, subcontractors and your hierarchy to support the data privacy program, pooling energies, a culture of compromise
Why choose an external or outsourced DPO?
It is unlikely that your company has an employee with :
· all the required skills (legal, technical, operational, linguistic, behavioural)
· sufficient experience
· the necessary time
Data Privacy Professionals has these skills to act as your external or outsourced Data Protection Officer
DPO / External Data Protection Officer
The consulting company Data Privacy Professionals offers you the opportunity to become the external or outsourced DPO or Data Protection Officer of your company as part of the GDPR
Features of the outsourced DPO
Our external DPO offer (or external data protection officer) allows for effective and efficient consideration, among other things :
· data protection by design and by default (DP by design and DP by default)
· the risk-based approach either through traditional risk management as developed in project management (PMI) or through PIAs (privacy impact assessment)
· accountability (proving everything that has been put in place)
· training your employees and subcontractors in understanding the GDPR, as well as the challenges and best practices of data privacy
· informing you, advising you, analysing the situation.
DPO as a Service
The external (or outsourced) DPO offer varies according to the size and sector of your company and starts from 4 days of consultation per year.
Charte de déontologie AFCDP du DPO
As part of its CSR (Corporate Social Responsibility) policy, Data Privacy Professionals offers its clients for whom it acts as their external DPO to sign the AFCDP Code of Ethics.
Our main geographical locations
Data Privacy Professionals acts as a DPO in:
• France
○ Grand-Est (Alsace, Lorraine, Champagne-Ardenne): Bas-Rhin, Haut-Rhin, Moselle, Meurthe-et-Moselle, Vosges, Meuse, Aube Ardennes, Marne, Haute-Marne
→ Strasbourg, Colmar, Mulhouse
→ Nancy, Metz, Bar-le-Duc, Epinal, Saint-Dié
→ Reims, Charleville-Mézières, Troyes, Châlons-en-Champagne
○ Ile-de-France: Paris
• Germany
○ Bade-Wurtemberg: Karlsruhe, Fribourg, Stuttgart, Offenbourg, Kehl
○ Sarre: Sarrebruck
• Switzerland: Bâle
• Luxembourg
• Belgium
• United Kingdom: London
