Guidelines on Data Protection Officers (‘DPOs’) (wp243rev.01)
Section 5.12 Is the DPO personally responsible for non-compliance with data protection requirements?
No. DPOs are not personally responsible for non-compliance with data protection requirements. It is the controller or the processor who is required to ensure and to be able to demonstrate that processing is performed in accordance with this Regulation. Data protection compliance is theresponsibility of the controller or the processor.
Guidelines 9/2020 on relevant and reasoned objection under Regulation 2016/679 Paragraph 3.2.3 Risks to free flow of personal data within the Union 44. Where the objection will refer to this particular risk, the CSA will need to clarify why it …
Guidelines 9/2020 on relevant and reasoned objection under Regulation 2016/679 Paragraph 3.2.2 Risks to fundamental rights and freedoms of data subjects 39. The issue at stake concerns the impact the draft decision as a whole would have on the data …
Guidelines 9/2020 on relevant and reasoned objection under Regulation 2016/679 Paragraph 3.2.1 Meaning of “significance of the risks” 35. It is important to bear in mind that the goal of the work carried out by SAs is that of protecting …