Thomas J. Shaw, Esq.
DPO Services
Information & Internet Law
Emerging Technologies Law

Data Protection Officer (DPO) Services

GDPR-required and other DPO tasks, fulfilled within the EU, by the author of the DPO Handbook


DPO Requirements under GDPR:
  • The data protection officer shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability to fulfil the tasks referred to in Article 39

Article describing the Skills Required for a DPO

  • The data protection officer may be a staff member of the controller or processor, or fulfil the tasks on the basis of a service contract

Article describing Outsourcing the DPO Role

Presentation on GDPR for SMEs

Presentation on DPOs and Reps for U.S. Companies

    A DPO is required for:

    • Processing carried out by a public authority or body
    • Core activities of the controller or the processor consist of processing operations which...require regular and systematic monitoring of data subjects on a large scale
    • Core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant and personal data relating to criminal convictions and offences

    DPO Tasks under GDPR:

    • Involvement in All Issues to Protection of Personal Data
    • Contact with Data Subjects regarding Processing of their Personal Data and Exercise of their Rights under GDPR
    • Inform and Advise the Controller or Processor of their Obligations under GDPR
    • Monitor Compliance with GDPR
    • Advise on Data Protection Impact Assessments
    • Cooperate and Liaise with Supervisory Authority
    • Involvement with Data Transfers outside EEA
    • Provide Contact Details to Various Parties