The European Union (EU) General Data Protection Regulation (GDPR) requires that if you collect data in the EU about EU data subjects, under certain circumstances, your organization may need to appoint a DPO. More specifically, you must have a DPO if:
(b) the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or
(c) the core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10.
Article 37(1)
Not ready yet for GDPR compliance?
We can help you! Our GDPR Gap Assessment service get you on track for compliance.
Ready for compliance and need a DPO?
You are not required to appoint a full-time DPO. Our CIPP/E and CIPM certified consultants are available to be your dedicated DPO representative in the European Union.
Our full-scope DPO services include:
- Official DPO representation in the European Union.
- Services in English
, French , Spanish , Russian and Bulgarian . - Registration and contact point for EU Data Protection Authorities.
- On-site training and on-call provision of advice.
- GDPR compliance monitoring:
- Assignment of responsibilities
- Staff awareness training
- Periodic audits
- Maintenance of a Data Protection Impact Assessment
- Maintenance of a Record of Processing Activities
- Response to Requests for Erasure
, French 
, Spanish 
, Russian 
and Bulgarian 
.