External data protection officer

OUR SERVICES

We also provide external data protection officers for companies.

A data protection officer must be appointed if, as a rule, at least twenty employees are permanently involved in the automated processing of personal data in a company.

As an external data protection officer, we provide access to our online portal, which helps you to meet the requirements in data protection law in a structured and simple way.

Tasks of the (external) data protection officer

The tasks of the (external) data protection officer are regulated in Art. 39 GDPR. According to this, the data protection officer is responsible for at least the following tasks:

Informing and advising the controller or processor and the employees carrying out processing operations regarding their obligations under this Regulation and other Union or Member State data protection legislation;
monitoring compliance with this Regulation, other Union or Member State data protection legislation and the controller's or processor's personal data protection policies, including the allocation of responsibilities, awareness-raising and training of staff involved in the processing operations, and verifications thereof;
Advice - upon request - in connection with the data protection impact assessment and monitoring of its implementation;
Cooperation with the supervisory authority;
Acting as a point of contact for the supervisory authority on issues related to the processing, including prior consultation, and advising on any other issues as appropriate.
The Data Protection Officer shall, in the performance of his or her duties, have due regard to the risk inherent in the processing operations, taking into account the nature, scope, circumstances and purposes of the processing.

The legal views of the following institution/authorities are of particular interest:

USA:
Federal level
Federal Trade Comission|American Data Privacy and Protection Act (ADPPA)
you can find the act here

State level
State of California|California Privacy Protection Agency|CCPA and CPRA
State of Colombia|Law 1581/2012 Law 1266/2008
State of Colorado|Colorado Privacy Act (effective July 1, 2023)
State of New York|Shield Act
State of Oklahoma|Oklahoma Computer Data Privacy Act (not yet active)
State of Virginia|Consumer Data Protection Act (effective Jan 1, 2023)

Canada:
Office of the Privacy Commissioner of Canada

Switzerland:
Federal Data Protection and Information Commissioner

EU:
European Data Protection Board (edpd)
European Data Protection Supervisor
European Commision

Ireland:
Data Protection Commisson

France:
Commission Nationale de l'Informatique et des Libertés

Netherlands:
Autoriteit Persoonsgegevens

Germany:
Federal level
Datenschutzaufsichtsbehörde des Bundes
Die Datenschutzkonferenz

Counselling in the online portal Digital Commerce