We provide you with the entire expertise of our team and can appoint a person as your company’s data protection officer (DPO) if needed.
This service is launched with a survey of the current status of your company, which includes determining your obligations and needs. We prepare a prioritised list of measures required to fulfil the obligations of the regulation in cooperation with your company. Depending on the extent of obligations, we implement the measures through the services of the data protection officer or as separate projects.
The data protection officer service is a continuous service with monthly fees. The tasks of the data protection officer include:
- Raising awareness in the company about data protection and the responsibilities of a register holder and those involved in processing personal data
- Providing advice related to the implementation of technical and organisational measures
- Guiding the company in carrying out Data Protection Impact Assessments (DPIA)
- Monitoring the implementation and application of the organisation’s data policy, including the sharing of responsibilities, training personnel involved in processing data, and inspections concerning data protection
- Monitoring compliance with and application of legislation in cooperation with the organisation’s lawyers
- Monitoring the implementation and application of requirements concerning data protection by design and by default as well as information security in cooperation with the organisation’s lawyers and information security officer
- Acting as a contact person to the supervisory authorities in questions concerning the processing of personal data (based on the client’s need)
- Acting as a contact person to data subjects (based on the client’s need)
Secrays DPO service is suitable for both data controllers and processors. The service is provided in close cooperation with the management, communication officers, lawyers and possibly also information security officers.