Skip to main content Skip to navigation

GDPR: Role of the DPO

The Role of the Data Protection Officer (DPO):

  • The DPO role is an independent role required by legislation and the tasks of the DPO.
  • To inform and advise the University on its obligations to comply with the GDPR and other data protection laws.
  • To monitor compliance with the GDPR and other data protection laws, and with data protection polices, including managing internal data protection activities; raising awareness of data protection issues, training staff and conduct data protection audits.
  • To advise on, and to monitor, data protection impact assessments.
  • To cooperate with the supervisory authority.
  • To be the first point of contact for supervisory authorities and for individuals whose data is processed (employees, customers etc.).
  • It is the University‚Äôs responsibility to ensure that the data protection officer does not receive any instructions regarding the exercise of her tasks.
  • The University must ensure that the DPO is involved, closely and in a timely manner, in all data protection matters.
  • Role of the DPO in data breach incidents:
    • The DPO is responsible for investigating a data breach incident as part of her statutory task to monitor compliance and will follow the data breach reporting obligations as set out in the GDPR and regulatory guidance.