In all cases, whether the designation is mandatory or not, it provides excellence in the quality of the company’s products and services.
The service is a global project of continuous support, both for companies that do not have a specific department of legal management, DPO, Controlling or Compliance, as well as those that already have one, but that need a follow-up or monitoring of tasks, and a periodic verification in the management, validation of the effectiveness of controls or the suitability of measures to be adopted, etc.
The main functions will be:
- Informing and advising the company and its employees of their obligations under the applicable regulations in force concerning the protection of personal data; Supervising compliance with the provisions of the applicable regulations in force, and with the company’s own policies on the protection of personal data, including the assignment of responsibilities, awareness and training of staff involved in processing operations, and the corresponding audits.
- Provide advice on the data protection impact assessment when required and supervise its implementation and cooperate with the supervisory authority (in Spain with the Spanish Data Protection Agency), in case the company is involved in administrative proceedings;
- Attend or participate in management meetings (if invited) where decisions with data protection implications are taken (marketing actions, agreements, contracting with third parties, modification of operations, etc.).
- Manage GDPR incidents: Attention to affected rights (ARCO), Security breach notification procedures and Recommendation and management of corrective actions;