Data Protection Office

Ongoing support and advice service tailored to your company (on-company or external), to comply with the legal requirement to appoint a DPO (Data Protection Officer) before the public authorities, or to seek business excellence.

Outsourced DPO with the maximum legal and security guarantees

A2SECURE provides a range of legal services to ensure that companies, regardless of sector, can comply with their legal obligations and be confident that they have the legal advice they need from legal and IT experts to provide the support and insight into legal and technology in a holistic manner.

Data Protection Officer – DPO service

In all cases, whether the designation is mandatory or not, it provides excellence in the quality of the company’s products and services.

The service is a global project of continuous support, both for companies that do not have a specific department of legal management, DPO, Controlling or Compliance, as well as those that already have one, but that need a follow-up or monitoring of tasks, and a periodic verification in the management, validation of the effectiveness of controls or the suitability of measures to be adopted, etc.

The main functions will be:

  • Informing and advising the company and its employees of their obligations under the applicable regulations in force concerning the protection of personal data; Supervising compliance with the provisions of the applicable regulations in force, and with the company’s own policies on the protection of personal data, including the assignment of responsibilities, awareness and training of staff involved in processing operations, and the corresponding audits.
  • Provide advice on the data protection impact assessment when required and supervise its implementation and cooperate with the supervisory authority (in Spain with the Spanish Data Protection Agency), in case the company is involved in administrative proceedings;
  • Attend or participate in management meetings (if invited) where decisions with data protection implications are taken (marketing actions, agreements, contracting with third parties, modification of operations, etc.).
  • Manage GDPR incidents: Attention to affected rights (ARCO), Security breach notification procedures and Recommendation and management of corrective actions;