Data Protection Officer (DPO)

A Data Protection Officer advises on data protection law, monitors compliance, trains staff, and acts as a contact point for the supervisory authority and data subjects. The GDPR requires a DPO for certain organizations, for example public authorities or those carrying out large-scale monitoring.

The role must be independent and free from instructions about how to perform its tasks, and it cannot be penalized for fulfilling its duties.