# Appointing a DPO

## Appoint a DPO

The data protection officer (DPO) is the orchestra conductor for RGPD compliance. 

Article 37.1 of the RGPD (General Data Protection Regulation) **requires the appointment of a DPO** in 3 situations: 

* Where processing is carried out by a **public authority or public organization** 
* Where the **core activities** of the controller or processor consist of processing operations that **require regular and systematic large-scale monitoring of data subjects** 
* Where the **basic activities** of the controller or processor consist of **large-scale processing** of special categories of data or personal data relating to criminal convictions and offences

## Add a DPO to Dastra

To add a DPO, go to entity management. 

***Note**: only one DPO is attached to an entity.* 

Then add the DPO in the field provided.

<figure><img src="https://2697025545-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LvBxs22wUMicv9uWp6C-1972196547%2Fuploads%2FdYalKRzhrscjLiJqTD9r%2FCapture%20d%E2%80%99e%CC%81cran%202023-06-01%20a%CC%80%2016.05.04.png?alt=media&#x26;token=4ccc91f9-7fe6-474e-b8fe-39991c0bd1b9" alt="" width="563"><figcaption><p>Edit entity window</p></figcaption></figure>

The DPO is added as an actor. So, if the DPO is a natural person, add him as a natural person. If the DPO is a company (an external DPO, for example), add him/her as a legal entity.

<figure><img src="https://2697025545-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LvBxs22wUMicv9uWp6C-1972196547%2Fuploads%2F989cg8HoGd1gEeKFvhum%2FCapture%20d%E2%80%99e%CC%81cran%202023-06-01%20a%CC%80%2016.07.07.png?alt=media&#x26;token=b3266c10-ec0e-4f40-9629-2726c06d3094" alt=""><figcaption><p>Add actor to directory window</p></figcaption></figure>

Don't forget to register and you're done!