The forthcoming EU General Data Protection Regulation (‘GDPR’) enters into force in May 2018 and requires, for the first time in the European Union, some organisations to appoint a Data Protection Officer (‘DPO’). With regard to DPOs appointment currently, there is inconsistency across the EU. Some countries, such as Germany and Spain, mandate the appointment of a DPO in certain circumstances. Other countries permit organisations to voluntarily appoint DPOs, and in doing so reduce an organisation’s obligations in other areas of data protection law (for example, by providing an exemption to notifying the organisation’s processing activities to the data protection authority). For companies and organisations which operate internationally, the legal landscape is complex and peppered with trip wires. The aim of this guide is to de-mystify and simplify the available solutions.
- Download now