External Data
Protection Officer

inteqrity can provide your company with an external data protection officer if required. We have extensive expertise in data protection law and in implementing data protection processes in companies and international organizations. Our customers benefit from our many years of experience, our contacts with supervisory authorities, and our network across the data protection community.

FAQ

Who must appoint a data protection officer?

According to Art. 37 GDPR and the German Federal Data Protection Act, companies must appoint a data protection officer if

the core activity of the company consists of processing operations which, due to their nature, scope, and/or purposes, require extensive regular and systematic monitoring of data subjects, or consists of extensive processing of particularly sensitive data (Art. 37 GDPR), or
at least 20 people are permanently engaged in the automated processing of personal data (Section 38 Federal Data Protection Act).

What are the advantages of an external data protection officer?

Companies can deploy external data protection officers flexibly and at short notice, saving themselves the often time-consuming and costly search for employees and the costs of training them. Furthermore, internal data protection officers enjoy extensive protection against dismissal.

Integrity provides you exclusively with experienced professionals with comprehensive practical knowledge, so that data protection for your company is organized professionally without the need to hire and train an employee.

What are the tasks of an external data protection officer?

The external data protection officer takes on essential tasks related to compliance with data protection laws. Their tasks include, in particular:

Providing information and advice on your company's data protection obligations and compliance with them
Monitoring compliance with data protection obligations
Cooperating with data protection supervisory authorities

Our data protection officers conduct training courses and are the point of contact for all questions relating to data protection in your company.

What are the consequences if a company does not appoint a data protection officer even though it is obliged to do so?

Failure to appoint a data protection officer can result in fines of up to EUR 10 million or 2% of global annual turnover.

In addition, this violation usually gives the data protection authority reason to conduct a comprehensive audit of the company's data protection compliance, which usually leads to the discovery of further data protection violations. In practice, therefore, failure to appoint a data protection officer has numerous adverse consequences. Companies can significantly reduce this risk by appointing an external data protection officer.

Read the latest

[All Insights]