Do companies necessarily need an in-house data protection advisor?
It is not required by law to create such a position. The responsible person can decide whether it is necessary or appropriate.
What does it take to create a successful data protection advisor function?
If a data protection advisor should be employed, the law requires the following conditions to be met:
- The data protection advisor function must be functionally independent from the responsible person and without a mandate.
- They may not exercise any activity that cannot be reconciled with the task of a data protection advisor.
- They must also have the corresponding specialist expertise,
- their contact details must be public, and the FDPIC must be notified.
Other legal tips and sample documents on the subject of data protection: