DPO: the responses of the Privacy Authority to frequently asked questions

By | Thursday March 2nd, 2017

 

Here come the answers of the Privacy Aythority to frequently asked questions asked about the DPO (ex art. 37 Reg UE 2016/679)

Below the link in both Italian and English

http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/5930300

http://ec.europa.eu/information_society/newsroom/image/document/2016-51/wp243_annex_en_40856.pdf

 

Please find here below the answer n. 10 that in my opinion integrates and responds to the discussion that followed the post by colleague Stefanelli “Who can do Data Protection Officer?”

10 What are the ‘other tasks and duties’ of a DPO which may result in a conflict of interests (Article 38(6))? The DPO cannot hold a position within the organisation that leads him or her to determine the purposes and the means of the processing of personal data. Due to the specific organisational structure in each organisation, this has to be considered case by case.

As a rule of thumb, conflicting positions may include senior management positions (such as chief executive, chief operating, chief financial, chief medical officer, head of marketing department, head of Human Resources or head of IT departments) but also other roles lower down in the organisational structure if such positions or roles lead to the determination of purposes and means of processing

 

Enjoy the reading!

Laura Marretta

Category: Data Protection Officer Tags: , , , , , , ,

About laura.marretta

Avv. Laura Marretta Dopo aver conseguito la Maturità Classica presso l’Istituto Marcelline di Milano e la Laurea in Giurisprudenza presso l’Univeristà Cattolica del Sacro Cuore diventa Avvocato del Foro di Milano ed è Partner dello Studio Legale Internazionale Romolotti Marretta dal 2006. Svolge la propria attività professionale con particolare riferimento ai settori della Privacy e Data Security, Tutela del Segreto Industriale, Diritto della Moda, Energy, e Sistemi di Organizzazione Aziendale (normative UNI CEI ed ISO) nonché in ambito di Certificazioni e Marcatura CE. Svolge il ruolo di DPO presso enti associativi di rilevanza nazionale nonché per conto di società del settore industriale e dei servizi. E’ relatrice presso corsi e convegni sul territorio nazionale, con specifico riferimento ai settori della privacy e della video security. Collabora in pubblicazioni nazionali ed internazionali (www.romolottimarretta.com/pubblicazioni.html) tra le quali numerose edizioni annuali di Doing Business edito dalla World Bank Maturità Classica at Istituto Marcelline of Milan, Graduated in Law at Univeristà Cattolica del Sacro Cuore, Attorney at Law of the Milan Bar, is a Partner of Romolotti Marretta International Law Firm since 2006. Her professional activity is focused on Privacy and Data Security, Trade Secret Protection, Fashion Law, Energy Law, Enterprise Organization (UNI CEI and ISO standards), Certification and CE mark. She is DPO in associations at national level and companies of the industrial and services areas. Speaker at seminars and conferences with specific reference to privacy and videosecurity law, she is a contributor in national and international publications, included several editions of Doing Business edited by World Bank (www.romolottimarretta.com/lang2/publications.html)

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.