A DPO is responsible for overseeing an organization’s data protection strategy and implementation ensuring that an organization is complying with the GDPR’s requirements. DPO’s responsibilities include:
- Training organization employees on GDPR compliance requirements
- Conducting regular assessments and audits to ensure GDPR compliance
- Serving as the point of contact between the company and the relevant supervisory authority
- Maintaining records of all data processing activities conducted by the company
- Responding to data subjects to inform them about how their personal data is being used and what measures the company has put in place to protect their data
- Ensuring that data subjects’ requests to see copies of their personal data or to have their person data erased are fulfilled or responded to, as necessary.
Source: GDPR Art.39