Appoint a DPO

The data protection officer (DPO) is the orchestra conductor for RGPD compliance.

Article 37.1 of the RGPD (General Data Protection Regulation) requires the appointment of a DPO in 3 situations:

• Where processing is carried out by a public authority or public organization

• Where the core activities of the controller or processor consist of processing operations that require regular and systematic large-scale monitoring of data subjects

• Where the basic activities of the controller or processor consist of large-scale processing of special categories of data or personal data relating to criminal convictions and offences

Add a DPO to Dastra

To add a DPO, go to entity management.

Note: only one DPO is attached to an entity.

Then add the DPO in the field provided.

The DPO is added as an actor. So, if the DPO is a natural person, add him as a natural person. If the DPO is a company (an external DPO, for example), add him/her as a legal entity.

Don't forget to register and you're done!