Thought of the Day: DPOs and the GDPR

by GDPR Associates | 5th April 2018 2:10 pm

When the General Data Protection Regulation comes into effect on May 25 this year, Data Protection Officers (DPOs) will be mandatory for certain organisations. This includes organisations where the core business activities consist of:

Organisations must ensure that any further tasks and duties of the DPO do not result in conflicts of interest. In the past, we have seen the German Data Protection Authority fining a company for having the IT Manager appointed as a DPO, which was seen as a conflict of interest under the German Federal Data Protection Act (FDPA). Not meeting the DPO obligations under the GDPR could lead to a fine of up to €10 million or 2% global annual turnover.

Source URL: