Comment on page

Appointing a DPO

Appoint a DPO

The data protection officer (DPO) is the orchestra conductor for RGPD compliance.
Article 37.1 of the RGPD (General Data Protection Regulation) requires the appointment of a DPO in 3 situations:
  • Where processing is carried out by a public authority or public organization
  • Where the core activities of the controller or processor consist of processing operations that require regular and systematic large-scale monitoring of data subjects
  • Where the basic activities of the controller or processor consist of large-scale processing of special categories of data or personal data relating to criminal convictions and offences

Add a DPO to Dastra

To add a DPO, go to entity management.
Note: only one DPO is attached to an entity.
Then add the DPO in the field provided.
Edit entity window
The DPO is added as an actor. So, if the DPO is a natural person, add him as a natural person. If the DPO is a company (an external DPO, for example), add him/her as a legal entity.
Add actor to directory window
Don't forget to register and you're done!