{"id":1680,"date":"2019-09-26T13:41:57","date_gmt":"2019-09-26T11:41:57","guid":{"rendered":"https:\/\/87adsf68asd7f6.tatooine.link\/?p=1680"},"modified":"2025-03-24T15:55:15","modified_gmt":"2025-03-24T14:55:15","slug":"data-protection-officer-gdpr","status":"publish","type":"post","link":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr","title":{"rendered":"Data Protection Officer"},"content":{"rendered":"<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-e0642o-a75a8f5f4aa8180461aa991c52d1d772\">\n.flex_column.av-e0642o-a75a8f5f4aa8180461aa991c52d1d772{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-e0642o-a75a8f5f4aa8180461aa991c52d1d772 av_one_full  avia-builder-el-0  el_before_av_one_full  avia-builder-el-first  first flex_column_div av-zero-column-padding'     ><p><section  class='av_textblock_section av-kr4nq4ke-9017fa151f1724024b752aab0746a531'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\">Data Protection Academy<\/a> \u00bb <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\">Data Protection Wiki<\/a> \u00bb <strong>Data Protection Officer<\/strong><\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqd6yj2-5098c7f5d301f93050411f7df0aaab25\">\n.avia-image-container.av-kqqd6yj2-5098c7f5d301f93050411f7df0aaab25 img.avia_image{\nbox-shadow:none;\n}\n.avia-image-container.av-kqqd6yj2-5098c7f5d301f93050411f7df0aaab25 .av-image-caption-overlay-center{\ncolor:#ffffff;\n}\n<\/style>\n<div  class='avia-image-container av-kqqd6yj2-5098c7f5d301f93050411f7df0aaab25 av-styling- avia-align-left  avia-builder-el-2  el_after_av_textblock  el_before_av_hr'   itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" ><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><img decoding=\"async\" fetchpriority=\"high\" class='wp-image-14054 avia-img-lazy-loading-not-14054 avia_image' src=\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\" alt='An external data protection officer performs his tasks on a laptop computer' title=''  height=\"343\" width=\"685\"  itemprop=\"thumbnailUrl\" srcset=\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg 685w, https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter-300x150.jpg 300w, https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter-18x9.jpg 18w\" sizes=\"(max-width: 685px) 100vw, 685px\" \/><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-c62528-cd0d90023469326406823f06eeb85a3b\">\n#top .hr.hr-invisible.av-c62528-cd0d90023469326406823f06eeb85a3b{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-c62528-cd0d90023469326406823f06eeb85a3b hr-invisible  avia-builder-el-3  el_after_av_image  el_before_av_heading'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqd8m1k-24595042e4db4bf5948d7f76db42c127\">\n#top .av-special-heading.av-kqqd8m1k-24595042e4db4bf5948d7f76db42c127{\npadding-bottom:10px;\ncolor:#303440;\n}\nbody .av-special-heading.av-kqqd8m1k-24595042e4db4bf5948d7f76db42c127 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kqqd8m1k-24595042e4db4bf5948d7f76db42c127 .special-heading-inner-border{\nborder-color:#303440;\n}\n.av-special-heading.av-kqqd8m1k-24595042e4db4bf5948d7f76db42c127 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-kqqd8m1k-24595042e4db4bf5948d7f76db42c127 av-special-heading-h1 custom-color-heading blockquote modern-quote  avia-builder-el-4  el_after_av_hr  el_before_av_hr'><div class='av_custom_color av-subheading av-subheading_above'><p>Data protection according to GDPR<\/p>\n<\/div><h1 class='av-special-heading-tag'  itemprop=\"headline\"  >Data Protection Officer Duties and Appointment<\/h1><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-arxfxc-507599a40f36c444e365e54f188f9388\">\n#top .hr.hr-invisible.av-arxfxc-507599a40f36c444e365e54f188f9388{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-arxfxc-507599a40f36c444e365e54f188f9388 hr-invisible  avia-builder-el-5  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqj3a59-0098cbadecadbb1f3859bda1a74b1503'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The data protection officer is the person responsible for coordinating and monitoring compliance with the requirements of the General Data Protection Regulation (GDPR). Many companies in the European Union are obliged to appoint a data protection officer. In the following article, we inform you about the obligation to appoint a data protection officer, the differences and the tasks of the data protection officer.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-8y0jjk-0ade909b5b03736b5645a1ca6b8b4f88\">\n#top .hr.hr-invisible.av-8y0jjk-0ade909b5b03736b5645a1ca6b8b4f88{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-8y0jjk-0ade909b5b03736b5645a1ca6b8b4f88 hr-invisible  avia-builder-el-7  el_after_av_textblock  avia-builder-el-last'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><\/p><\/div>\n<div class='flex_column_table av-lw9umk-33703d3362028b1aa2ff3515470fd277 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-33703d3362028b1aa2ff3515470fd277\">\n.flex_column.av-lw9umk-33703d3362028b1aa2ff3515470fd277{\nborder-radius:0px 0px 0px 0px;\npadding:25px 25px 25px 25px;\nbackground-color:#f7f7f7;\n}\n<\/style>\n<div  id=\"uebersicht\"  class='flex_column av-lw9umk-33703d3362028b1aa2ff3515470fd277 av_one_full  avia-builder-el-8  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><section  class='av_textblock_section av-kiipug5e-a69566d46b299f3be16162a702095af7'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Content on the subject of data protection officer:<\/h2>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06\">\n#top .avia-icon-list-container.av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06 .iconlist_icon{\ncolor:#127db3;\nfont-size:20px;\n}\n#top .avia-icon-list-container.av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06 .iconlist_icon svg:first-child{\nstroke:#127db3;\nfill:#127db3;\nheight:20px;\nwidth:20px;\n}\n#top #wrap_all .avia-icon-list-container.av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06 .av_iconlist_title{\nfont-size:20px;\n}\n<\/style>\n<div  class='avia-icon-list-container av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06  avia-builder-el-10  el_after_av_textblock  el_before_av_hr'><ul class='avia-icon-list avia_animate_when_almost_visible avia-icon-list-left av-iconlist-small av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06 avia-iconlist-animate'>\n<li><div class='iconlist_icon av-cqanyz-3-c3a209aad3b906fb1a8840380a27c724 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#whitepaper&#039; title=&#039;Whitepaper Data protection at company sites and persons in the data protection organisation&#039;&gt;Whitepaper Data protection at company sites and persons in the data protection organisation&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#whitepaper' title='Whitepaper Data protection at company sites and persons in the data protection organisation'>Whitepaper Data protection at company sites and persons in the data protection organisation<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-cqanyz-cf8aa1d207a6af0abbef25c585e9fa15 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#arten-von-datenschutzbeauftragten&#039; title=&#039;Types and responsibilities of data protection officers&#039;&gt;Types and responsibilities of data protection officers&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#arten-von-datenschutzbeauftragten' title='Types and responsibilities of data protection officers'>Types and responsibilities of data protection officers<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><ul>\n<li><a href=\"#bundesbeauftragter-fuer-datenschutz\">Federal Commissioner for Data Protection<\/a><\/li>\n<li><a href=\"#landesdatenschutzbeauftragter\">State Data Protection Commissioner<\/a><\/li>\n<li><a href=\"#betrieblicher-datenschutzbeauftragter\">Company data protection officer<\/a>\n<ul>\n<li><a href=\"#interner-datenschutzbeauftragter\">Internal data protection officer<\/a><\/li>\n<li><a href=\"#externer-datenschutzbeauftragter\">External Data Protection Officer<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#behoerdlicher-datenschutzbeauftragter\">Data Protection Officer<\/a><\/li>\n<\/ul>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-1m936j-18e641b80cef4634c8200f102a00ed30 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#bestellung-dsb&#039; title=&#039;Who must appoint a data protection officer?&#039;&gt;Who must appoint a data protection officer?&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#bestellung-dsb' title='Who must appoint a data protection officer?'>Who must appoint a data protection officer?<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-e0rz63-828ca0840c519c53944cb9757ba8b507 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#aufgaben-datenschutzbeauftragter&#039; title=&#039;Tasks of the Data Protection Officer&#039;&gt;Tasks of the Data Protection Officer&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#aufgaben-datenschutzbeauftragter' title='Tasks of the Data Protection Officer'>Tasks of the Data Protection Officer<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><ul>\n<li><a href=\"#beratung\">Information and consultation<\/a><\/li>\n<li><a href=\"#ueberwachung\">Monitoring<\/a><\/li>\n<li><a href=\"#richtlinien\">Create guidelines<\/a><\/li>\n<li><a href=\"#dsfa\">Carrying out a data protection impact assessment<\/a><\/li>\n<li><a href=\"#verarbeitungstaetigkeiten\">Drawing up the register of processing activities<\/a><\/li>\n<li><a href=\"#vorfaelle\">Data protection incidents and data subject enquiries<\/a><\/li>\n<li><a href=\"#schulung\">Employee training on data protection law<\/a><\/li>\n<li><a href=\"#mitarbeiterkontrollen\">Participation in employee checks<\/a><\/li>\n<li><a href=\"#betriebsrat\">Consultation of the works council<\/a><\/li>\n<\/ul>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-66ba204053672ae533cd5052ad4dd11a avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#interner-vs-externer-datenschutzbeauftragter&#039; title=&#039;Internal data protection officer versus external data protection officer&#039;&gt;Internal data protection officer versus external data protection officer&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#interner-vs-externer-datenschutzbeauftragter' title='Internal data protection officer versus external data protection officer'>Internal data protection officer versus external data protection officer<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-cqanyz-8-275867b012f168041d1b8966d8ca43fd avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#stellung-dsb&#039; title=&#039;Position of the Supervisor&#039;&gt;Position of the Supervisor&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#stellung-dsb' title='Position of the Supervisor'>Position of the Supervisor<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><ul>\n<li><a href=\"#ansprechpartner-intern-extern\">Contact point for \"internals\" and \"externals<\/a><\/li>\n<li><a href=\"#ansprechpartner-aufsichtsbehoerde\">Contact person of the supervisory authority<\/a><\/li>\n<\/ul>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-cqanyz-7-84464296d3c833478517c9f40fc2abe8 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#qualifikation-datenschutzbeauftragter&#039; title=&#039;What qualifications does a data protection officer need?&#039;&gt;What qualifications does a data protection officer need?&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#qualifikation-datenschutzbeauftragter' title='What qualifications does a data protection officer need?'>What qualifications does a data protection officer need?<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-cqanyz-6-436ac4bb8762d30f55dc44dfe9883704 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#kosten&#039; title=&#039;Costs for a data protection officer in the company &#039;&gt;Costs for a data protection officer in the company &lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#kosten' title='Costs for a data protection officer in the company '>Costs for a data protection officer in the company <\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-cqanyz-5-33c1aad20fc6200a46c3cc50d8608ddd avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#haftung-datenschutzbeauftragter&#039; title=&#039;Personal liability of data protection officers&#039;&gt;Personal liability of data protection officers&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#haftung-datenschutzbeauftragter' title='Personal liability of data protection officers'>Personal liability of data protection officers<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-cqanyz-4-ae2df0f3b42dda95036fa3630689570f avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#strafen&#039; title=&#039;What are the penalties for not appointing a data protection officer?&#039;&gt;What are the penalties for not appointing a data protection officer?&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#strafen' title='What are the penalties for not appointing a data protection officer?'>What are the penalties for not appointing a data protection officer?<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-cqanyz-3-1-dbdbde5ec8d9dc3d63b6c2ae3e955655 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#links-checkliste&#039; title=&#039;Further links and checklist&#039;&gt;Further links and checklist&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#links-checkliste' title='Further links and checklist'>Further links and checklist<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><ul>\n<li><a href=\"#informationen-aufsichtsbehoerden\">Information from the data protection supervisory authorities<\/a><\/li>\n<li><a href=\"#checkliste\">Checklist Appointment of Data Protection Officer<\/a><\/li>\n<\/ul>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<\/ul><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kdu4eeyn-eb3f32c0008bb0ef46b2ec5ca7bda5fa\">\n#top .hr.hr-invisible.av-kdu4eeyn-eb3f32c0008bb0ef46b2ec5ca7bda5fa{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-kdu4eeyn-eb3f32c0008bb0ef46b2ec5ca7bda5fa hr-invisible  avia-builder-el-11  el_after_av_iconlist  avia-builder-el-last'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-og5clc-362f063fd7e820e6237ae55cf22f4b4e\">\n.flex_column.av-og5clc-362f063fd7e820e6237ae55cf22f4b4e{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  id=\"whitepaper\"  class='flex_column av-og5clc-362f063fd7e820e6237ae55cf22f4b4e av_one_full  avia-builder-el-12  el_after_av_one_full  el_before_av_one_full  first flex_column_div av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lzsu4w-bde159e51f9d18762eb56b57f8134628\">\n#top .av-special-heading.av-lzsu4w-bde159e51f9d18762eb56b57f8134628{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lzsu4w-bde159e51f9d18762eb56b57f8134628 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lzsu4w-bde159e51f9d18762eb56b57f8134628 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-lzsu4w-bde159e51f9d18762eb56b57f8134628 av-special-heading-h2  avia-builder-el-13  el_before_av_image  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Whitepaper Data protection at company sites and persons in the data protection organisation<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-20ncj4-cd27ade440c255b350adb82499c142f1\">\n.avia-image-container.av-20ncj4-cd27ade440c255b350adb82499c142f1 img.avia_image{\nbox-shadow:none;\n}\n.avia-image-container.av-20ncj4-cd27ade440c255b350adb82499c142f1 .av-image-caption-overlay-center{\ncolor:#ffffff;\n}\n<\/style>\n<div  class='avia-image-container av-20ncj4-cd27ade440c255b350adb82499c142f1 av-styling- avia-align-left  avia-builder-el-14  el_after_av_heading  el_before_av_hr  tp_de2'   itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" ><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><img decoding=\"async\" fetchpriority=\"high\" class='wp-image-13147 avia-img-lazy-loading-not-13147 avia_image' src=\"https:\/\/media.robin-data.io\/2019\/11\/04140211\/Cover-Whitepaper-Standorte-Datenschutzorganisation-1030x429.png\" alt='Whitepaper: Data protection at company sites and persons in the data protection organisation' title='Cover white paper locations data protection organisation'  height=\"429\" width=\"1030\"  itemprop=\"thumbnailUrl\" srcset=\"https:\/\/media.robin-data.io\/2019\/11\/04140211\/Cover-Whitepaper-Standorte-Datenschutzorganisation-1030x429.png 1030w, https:\/\/media.robin-data.io\/2019\/11\/04140211\/Cover-Whitepaper-Standorte-Datenschutzorganisation-300x125.png 300w, https:\/\/media.robin-data.io\/2019\/11\/04140211\/Cover-Whitepaper-Standorte-Datenschutzorganisation-768x320.png 768w, https:\/\/media.robin-data.io\/2019\/11\/04140211\/Cover-Whitepaper-Standorte-Datenschutzorganisation-18x7.png 18w, https:\/\/media.robin-data.io\/2019\/11\/04140211\/Cover-Whitepaper-Standorte-Datenschutzorganisation-705x293.png 705w, https:\/\/media.robin-data.io\/2019\/11\/04140211\/Cover-Whitepaper-Standorte-Datenschutzorganisation.png 1110w\" sizes=\"(max-width: 1030px) 100vw, 1030px\" \/><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-jos5jk-93110f11739e463d2917717c782a696b\">\n#top .hr.hr-invisible.av-jos5jk-93110f11739e463d2917717c782a696b{\nheight:15px;\n}\n<\/style>\n<div  class='hr av-jos5jk-93110f11739e463d2917717c782a696b hr-invisible  avia-builder-el-15  el_after_av_image  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-1okods-ddae6e72ea67900b0be0adbbad0aaae0'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p style=\"font-size: 20px; color: #00b3bd;\">In the whitepaper on data protection at company sites &amp; persons in the data protection organisation you will find:<\/p>\n<ul>\n<li>Get information on\u00a0<strong>Legally permissible data transfers<\/strong><\/li>\n<li>Learn more about the\u00a0<strong>Data protection relevant consideration<\/strong>\u00a0of different company locations<\/li>\n<li>Learn\u00a0<strong>DSGVO-compliant<\/strong>\u00a0Possibilities of\u00a0<strong>Data transfer to third countries<\/strong>\u00a0Know<\/li>\n<li>Get background information on the\u00a0<strong>Market place principle, third country and group privilege<\/strong><\/li>\n<li>Learn which people\u00a0<strong>Members of the data protection organisation<\/strong>\u00a0are<\/li>\n<\/ul>\n<\/div><\/section><br \/>\n<br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2k2akg-0a94fad372020a5f524d46c8d6425b8b\">\n.avia_message_box.av-2k2akg-0a94fad372020a5f524d46c8d6425b8b{\nbackground-color:rgba(244,150,0,0.3);\ncolor:#303440;\n}\n.avia_message_box.av-2k2akg-0a94fad372020a5f524d46c8d6425b8b .avia_message_box_icon.avia-svg-icon svg:first-child{\nfill:#303440;\nstroke:#303440;\n}\n<\/style>\n<div id='avia-messagebox-' class='avia_message_box av_notification av-2k2akg-0a94fad372020a5f524d46c8d6425b8b avia-color-custom avia-size-large avia-icon_select-no avia-border-  avia-builder-el-18  el_after_av_codeblock  avia-builder-el-last  tp_en2' ><div class=\"avia_message_box_content\"><p>Unfortunately this content is currently only available in German. Please feel free to <a href=\"https:\/\/www.robin-data.io\/en\/contact#formular\">contact us<\/a> for more information.<\/p>\n<\/div><\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-6wa7zk-f3004b73b8b2d23a434e8a36efea19ed\">\n.flex_column.av-6wa7zk-f3004b73b8b2d23a434e8a36efea19ed{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  id=\"arten-von-datenschutzbeauftragten\"  class='flex_column av-6wa7zk-f3004b73b8b2d23a434e8a36efea19ed av_one_full  avia-builder-el-19  el_after_av_one_full  el_before_av_one_full  first flex_column_div av-zero-column-padding  column-top-margin'     ><section  class='av_textblock_section av-5xbncg-d983551cf59add8d57a62cdbd4255c5b'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Types and responsibilities of data protection officers<\/h2>\n<p>Data Protection Officers (abbreviated as \"DPOs\") exist for different areas of responsibility, at the federal level there is the Federal Commissioner for Data Protection and Information Security (BfDI) Ulrich Kelber, in the individual federal states there are so-called state data protection officers and in companies there are company data protection officers. Company data protection officers can be divided into internal and external DPOs.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqkfomh-2af5126ef0521c87f315dcdeae9449e4\">\n#top .hr.hr-invisible.av-kqqkfomh-2af5126ef0521c87f315dcdeae9449e4{\nheight:15px;\n}\n<\/style>\n<div  id=\"bundesbeauftragter-fuer-datenschutz\"  class='hr av-kqqkfomh-2af5126ef0521c87f315dcdeae9449e4 hr-invisible  avia-builder-el-21  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqjfa9d-97e2d19d421c1d365f78b1426266e36a'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Federal Commissioner for Data Protection<\/h3>\n<p>The Federal Commissioner for Data Protection and Information Security is responsible for the processing of personal data of all federal public bodies as well as all non-public bodies, from the area of telecommunications and postal service companies. In addition, he advises private companies that fall under the Security Review Act and is the competent supervisory authority for the job centres. One of the most important tasks of the BfDI is to inform the German Bundestag and the public about developments in the private sector that are relevant to data protection.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-7l77nk-fa6c21eef846fe67dfe9d0f69aee02d1\">\n#top .hr.hr-invisible.av-7l77nk-fa6c21eef846fe67dfe9d0f69aee02d1{\nheight:15px;\n}\n<\/style>\n<div  id=\"landesdatenschutzbeauftragter\"  class='hr av-7l77nk-fa6c21eef846fe67dfe9d0f69aee02d1 hr-invisible  avia-builder-el-23  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqjfhc5-626b7285e84cfc4dccbf783d43ae37f7'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>State Data Protection Commissioner<\/h3>\n<p>The state data protection commissioners are the data protection commissioners of the respective federal states and are responsible for reviewing data protection in authorities and public bodies, within the respective federal state. They also act as supervisory authorities and monitor compliance with data protection law in companies, associations, self-employed persons and clubs in the federal state.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-5ohd0g-ca393d436c42e7293acfffeb4c1297e5\">\n#top .hr.hr-invisible.av-5ohd0g-ca393d436c42e7293acfffeb4c1297e5{\nheight:15px;\n}\n<\/style>\n<div  id=\"betrieblicher-datenschutzbeauftragter\"  class='hr av-5ohd0g-ca393d436c42e7293acfffeb4c1297e5 hr-invisible  avia-builder-el-25  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqjgnba-9805e1b4a2354985d1bc8c93b1a5cfe0'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Company data protection officers<\/h3>\n<p>The company data protection officer supports companies in complying with data protection and implementing the GDPR. Unlike the Federal Commissioner and the State Commissioners, this is not a state institution, but rather an expert in the field of data protection who is responsible, among other things, for training employees, managing data protection measures or acting as an interface between the company and the supervisory authority.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-4bbdvk-8ba1e934830541b764b84d48ca3871a1\">\n#top .hr.hr-invisible.av-4bbdvk-8ba1e934830541b764b84d48ca3871a1{\nheight:15px;\n}\n<\/style>\n<div  id=\"interner-datenschutzbeauftragter\"  class='hr av-4bbdvk-8ba1e934830541b764b84d48ca3871a1 hr-invisible  avia-builder-el-27  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqjo5zn-7f3c4e7443b67af11e32ad7dcf35c5d5'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4>Internal data protection officer<\/h4>\n<p>An internal DPO is directly employed by a company and has been appointed by the management as the person responsible for implementing corporate data protection. Often, employees are entrusted with the activity of data protection in addition to existing tasks, for which further training and a certain expertise in this area are necessary.  If an existing employee is to be appointed as an internal DPO, it should be noted that the employee must not belong to the IT department, the HR department or the management. Otherwise, the employee would have to control himself\/herself and there would be a conflict of interest.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqkf97g-7003768f7ed6af808e5467995ba020eb\">\n#top .hr.hr-invisible.av-kqqkf97g-7003768f7ed6af808e5467995ba020eb{\nheight:15px;\n}\n<\/style>\n<div  id=\"externer-datenschutzbeauftragter\"  class='hr av-kqqkf97g-7003768f7ed6af808e5467995ba020eb hr-invisible  avia-builder-el-29  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqjwzng-c9e7c979fc48f5b663794554e2c97a0f'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4>External Data Protection Officer<\/h4>\n<p>An external data protection expert is an external consultant appointed by a company to implement operational data protection as the responsible person. The main difference to the internal data protection officer is that the external DPO is not directly employed by the company but also supports other companies in the implementation of the General Data Protection Regulation (GDPR). External data protection officers often have the necessary qualifications and experience, but usually need more time to integrate into the company structure.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqkcfwx-3393dd931dd4552ac83df4398454f346\">\n#top .hr.hr-invisible.av-kqqkcfwx-3393dd931dd4552ac83df4398454f346{\nheight:15px;\n}\n<\/style>\n<div  id=\"behoerdlicher-datenschutzbeauftragter\"  class='hr av-kqqkcfwx-3393dd931dd4552ac83df4398454f346 hr-invisible  avia-builder-el-31  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqkb6c8-388cd797b9c57fb289d1579b35ad4b89'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Data Protection Officer<\/h3>\n<p>The tasks of the company data protection officer and the official data protection officer hardly differ from each other. The main difference between these two types of data protection officers is that the data controller is not, for example, a company from the private sector, but a public authority or public body.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqdbkp5-6f9d3f07f0831aa619a0b1d5829d12f7\">\n#top .hr.hr-invisible.av-kqqdbkp5-6f9d3f07f0831aa619a0b1d5829d12f7{\nheight:15px;\n}\n<\/style>\n<div  id=\"bestellung-dsb\"  class='hr av-kqqdbkp5-6f9d3f07f0831aa619a0b1d5829d12f7 hr-invisible  avia-builder-el-33  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-2amkmo-5355b7a701d458bf8a2fdfe19a7fbbd4'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Who must appoint a data protection officer?<\/h2>\n<p>The obligation to appoint a data protection officer applies in accordance with <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/general-data-protection-regulation-eu-gdpr\">GDPR<\/a> primarily to public authorities and public bodies. But also companies whose core activity is the particularly extensive processing of personal data or the processing of special categories of data (in accordance with <a href=\"https:\/\/help.robin-data.io\/artikel-9-dsgvo?hsLang=de\">Article 9<\/a> and the <a href=\"https:\/\/help.robin-data.io\/artikel-10-dsgvo?hsLang=de\">10<\/a>(GDPR), must appoint a data protection officer in accordance with the GDPR. (see <a href=\"https:\/\/help.robin-data.io\/artikel-37-dsgvo?hsLang=de\">Article 37<\/a> GDPR)<\/p>\n<p>An opening clause in the GDPR offers each member state the opportunity to create stricter conditions for the appointment of an in-house data protection officer. In the new Federal Data Protection Act, for example, Germany has, among other things, regulated the obligation to appoint company data protection officers more strictly than in the GDPR.<\/p>\n<p>Thus, the appointment of a data protection officer according to <a href=\"https:\/\/help.robin-data.io\/paragraph-38-bdsg\" target=\"_blank\" rel=\"noopener\">Art 38 BDSG<\/a> compulsory for all companies in Germany, insofar as at least 20 employees (<a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/germany-adjustment-designation-data-protection-officer\/?hsLang=de\">Federal Council decision on 20 September 2019<\/a>) constantly deal with the automated processing of personal data.<\/p>\n<p>In summary, as a private company, it is easy to assess whether the appointment of a data protection officer is necessary on the basis of three criteria. If at least one of the three criteria applies, there is a legal obligation to appoint a data protection officer. The criteria are:<\/p>\n<ol>\n<li>The number of employees who regularly and recurrently work with personal data is at least 20 (employees are also auxiliary staff, trainees, temporary workers or freelancers)<\/li>\n<li>Processing of a special category of personal data takes place. (This includes race, ethnic origin, political opinion, religious beliefs, trade union membership, health, sexual life or criminal behaviour - see <a href=\"https:\/\/help.robin-data.io\/artikel-9-dsgvo?hsLang=de\">Article 9<\/a> and the <a href=\"https:\/\/help.robin-data.io\/artikel-10-dsgvo?hsLang=de\">10 <\/a>GDPR)<\/li>\n<li><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/personal-data\">Personal data<\/a> are transferred, collected, processed or used on a business basis (i.e. the core activity of the company consists of these processing operations).<\/li>\n<\/ol>\n<p>The intentional or negligent failure to appoint a company data protection officer constitutes an administrative offence subject to a fine.<\/p>\n<p>Even if the company is not subject to the obligation to appoint a data protection officer according to legal requirements, the regulations of data protection law must nevertheless be fully complied with. This poses a particular challenge for smaller companies, as they simply lack data protection expertise. In such cases it makes perfect sense to voluntarily appoint a data protection officer.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqdcooc-e072ca42b745b7560e9787a84d05a22b\">\n#top .hr.hr-invisible.av-kqqdcooc-e072ca42b745b7560e9787a84d05a22b{\nheight:15px;\n}\n<\/style>\n<div  id=\"aufgaben-datenschutzbeauftragter\"  class='hr av-kqqdcooc-e072ca42b745b7560e9787a84d05a22b hr-invisible  avia-builder-el-35  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqd9fe3-55d8430ebca3910918cbe7cfca96dffb'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Tasks of the Data Protection Officer<\/h2>\n<p>As an expert in data protection, the data protection officer has the task of ensuring that the requirements of the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/general-data-protection-regulation-eu-gdpr\">General Data Protection Regulation<\/a> in the company and to prevent data protection breaches. In <a href=\"https:\/\/help.robin-data.io\/artikel-39-dsgvo\" target=\"_blank\" rel=\"noopener\">Article 39 GDPR<\/a> the tasks of the data protection officer are regulated in detail:<\/p>\n<ol type=\"a\">\n<li>Informing and advising the controller or processor and the employees carrying out processing operations about their obligations under this Regulation and under other Union or Member State data protection legislation;<\/li>\n<li>Monitoring compliance with this Regulation, other Union or Member State data protection legislation and the controller's or processor's personal data protection policies, including the allocation of responsibilities, awareness-raising and training of staff involved in processing operations, and audits thereof;<\/li>\n<li>Advice - upon request - in connection with the data protection impact assessment and monitoring of its implementation pursuant to Article 35 (https:\/\/help.robin-data.io\/artikel-35-dsgvo);<\/li>\n<li>Cooperation with the supervisory authority;<\/li>\n<li>Acting as a contact point for the supervisory authority on issues related to the processing, including prior consultation pursuant to <a href=\"https:\/\/help.robin-data.io\/artikel-36-dsgvo\" target=\"_blank\" rel=\"noopener\">Article 36<\/a>, and, if necessary, advice on any other issues.<\/li>\n<\/ol>\n<p>By teaching, advising and assisting companies in many processes, such as the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-impact-assessment-2\">data protection impact assessment<\/a> supports, the danger of <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-breaches\">Data Protection Breaches<\/a> greatly reduced. Should a mishap nevertheless occur, the DPO helps to report it to the competent supervisory authority. The DPO acts as a contact point and mediator in the event of (queries) regarding data protection law from companies, supervisory authorities and data subjects.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"beratung\"  class='av_textblock_section av-kqqdel1m-aa4567becbe9543f8b27f4c54ec16a30'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Information and consultation<\/h3>\n<p>Data protection officers are obliged to provide information about the existing obligations under data protection law. This obligation exists both vis-\u00e0-vis the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/controller\">controllers\u00a0<\/a>as well as towards the employees. Especially employees who process <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/personal-data\">individual-related data<\/a> must be trained or sensitised in the handling of data, technical devices and with regard to the existing electronic dangers. Such instruction is possible, for example, through regular e-mail communication. Counselling also plays a major role and in this case means support in solving concrete problems.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"ueberwachung\"  class='av_textblock_section av-kqqdh8sj-a1be9c16beae35960803d2793e36cefd'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Monitoring<\/h3>\n<p>As a branch of the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/supervisory-authority\">supervisory authority<\/a> the DPO also monitors compliance with all data protection requirements in the company or in an organisation. The DPO is responsible for the internal assignment of responsibilities and tasks to the person in charge, as well as for the sensitisation and training of employees, and for the corresponding review.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"richtlinien\"  class='av_textblock_section av-kqqdidkw-072932f99959908da6fafb4676fe8aca'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Creation of guidelines<\/h3>\n<p>In the company, the data protection officer also assists in the drafting of legal documents that are related to data protection law. These include company agreements, but also internal regulations and guidelines. As advisors, data protection officers support the preparation of data protection declarations, which serve the fulfilment of the data protection requirements of the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/information-obligations-gdpr\">Duty to inform<\/a> . The creation of the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/documentation-obligation-gdpr\">data protection documentation<\/a>which is decisive for the fulfilment of the obligations of proof and accountability under data protection law, is carried out by the Data Protection Officer.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"dsfa\"  class='av_textblock_section av-kqqdoahf-2af34110658b798a7da93d46f13af3a2'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Carrying out a data protection impact assessment<\/h3>\n<p>If certain data processing operations are carried out in the company, the performance of a <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-impact-assessment-2\">data protection impact assessment<\/a> to be carried out. In this case, the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/controller\">controller<\/a> seeks the advice of the DPO and clarifies, for example, whether a data protection impact assessment is required. The DPO will also help with questions about the procedure, which will ensure that the DPIA is carried out properly.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"verarbeitungstaetigkeiten\"  class='av_textblock_section av-krm1wava-a1583584e7899453007528aafa3b4000'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Drawing up the register of processing activities<\/h3>\n<p>Both controllers and processors are legally obliged to create <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/directory-of-processing-activities-2\">processing directories.<\/a> However, these can become very extensive. A DPO can advise at this point and check the directory for its conclusiveness, for example. Often data protection officers work with <a href=\"https:\/\/www.robin-data.io\/en\/data-protection\">Data protection management systems<\/a>which can assist in the creation of the register of processing activities.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"vorfaelle\"  class='av_textblock_section av-krm1z7jc-539bb340b7cc727f2b3626c333ca7356'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Data protection incidents and data subject enquiries<\/h3>\n<p>The support of a data protection officer is particularly helpful for important processes and reporting requirements. If a data protection breach occurs, there is not much time before it is reported to the responsible <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/supervisory-authority\">supervisory authority<\/a> Accordingly, it is important to implement effective processes that let employees know when a data protection incident has occurred and how the DPO is to be involved. In doing so, the DPO acts as an advisor at the side of the data controller.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"schulung\"  class='av_textblock_section av-krm22ks9-9be1ec7ab29de156b5d8d7569152f1f1'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Employee training on data protection law<\/h3>\n<p>In the case of employee training in data protection law, a fundamental distinction must be made between briefings and training. While the data protection officer must instruct and advise employees, the data protection officer is responsible for the actual training. Due to the fluid boundary between <a href=\"https:\/\/www.robin-data.io\/en\/training\">training and information.<\/a>If the training is to be provided, the DPO should at least be involved in the design of the training. Data Protection Officers are only obliged to supervise the implementation of training, but often it is the Data Protection Officers themselves who provide the training. These trainings can be either general or, if necessary, sector-specific.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"mitarbeiterkontrollen\"  class='av_textblock_section av-krna0m1k-5359f19b36b5c4d016f8696f87a8d7e6'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Participation in employee checks<\/h3>\n<p>If there is a ban in a company, e.g. with regard to private internet use, or if there is a fear of misuse, it is necessary for the person responsible to intervene and carry out a check. In order to comply with the rights of employees, the DPO must be involved in these controls.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"betriebsrat\"  class='av_textblock_section av-krna5rhb-19ac54483e3bf4983d695a84b2ef1972'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Consultation of the works council<\/h3>\n<p>Another task of the data protection officer is to advise the works council. In addition to providing technical advice, this also requires mediation skills.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2lavi8-cff1c26e4fd6d042398da6e52cfb7367\">\n.flex_column.av-2lavi8-cff1c26e4fd6d042398da6e52cfb7367{\npadding:35px 25px 30px 25px;\nbackground-color:#b3dff1;\n}\n<\/style>\n<div  class='flex_column av-2lavi8-cff1c26e4fd6d042398da6e52cfb7367 av_one_full  avia-builder-el-46  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><section  class='av_textblock_section av-kxyhxkdz-bef4e9683376409282d1c83418f7425f'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p style=\"font-size: 20px;\"><strong>External Data Protection Officer<\/strong><\/p>\n<p>You are welcome to contact us as <strong>external data protection officer (DPO) <\/strong>order. We also offer individual consulting services as well as audits and will be happy to provide you with a non-binding offer. You can find more information about our external data protection officers on our website.<\/p>\n<\/div><\/section><br \/>\n<div  class='avia-button-wrap av-kxyhy231-a4039b436332ba0ee40adc1d0b8a8633-wrap avia-button-left  avia-builder-el-48  el_after_av_textblock  avia-builder-el-last'><a href='https:\/\/www.robin-data.io\/en\/data-protection-as-a-service'  class='avia-button av-kxyhy231-a4039b436332ba0ee40adc1d0b8a8633 av-link-btn avia-icon_select-no avia-size-large avia-position-left avia-color-theme-color'   aria-label=\"To the DSB service overview\"><span class='avia_iconbox_title' >To the DSB service overview<\/span><\/a><\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-h83ts-9c88aaf2a5b8aecc9af80ae1420fddcc\">\n.flex_column.av-h83ts-9c88aaf2a5b8aecc9af80ae1420fddcc{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-h83ts-9c88aaf2a5b8aecc9af80ae1420fddcc av_one_full  avia-builder-el-49  el_after_av_one_full  el_before_av_one_full  first flex_column_div av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqg8m5c-0160bfee9a4f9334a35310cb92d7a68c\">\n#top .hr.hr-invisible.av-kqqg8m5c-0160bfee9a4f9334a35310cb92d7a68c{\nheight:15px;\n}\n<\/style>\n<div  id=\"interner-vs-externer-datenschutzbeauftragter\"  class='hr av-kqqg8m5c-0160bfee9a4f9334a35310cb92d7a68c hr-invisible  avia-builder-el-50  el_before_av_textblock  avia-builder-el-first'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-2y0ozk-995e6cadf6df7340d657fed877ff46d7'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Internal versus external data protection officer<\/h2>\n<p>The Data Protection Officer may be appointed internally or externally.\u00a0<strong>Internal data protection officers<\/strong> are employees of the company who usually devote themselves to other tasks in addition to their data protection activities. The advantage of an internal data protection officer is that they know the company processes well and probably does not have to familiarise themself with the structures. On the other hand, they will have to acquire extensive data protection expertise in order to do justice to their task. This usually goes hand in hand with costly training courses. In addition, care must be taken to ensure that an internal DPO is not subject to a conflict of interest, i.e. that they do not have to monitor themself. An <strong>external data protection officer<\/strong> must first familiarise themself with the company's processes, but brings profound data protection expertise and experience, which means they can probably advise with pragmatic solutions. Which of the two options is more beneficial for a company depends heavily on the requirements of a company.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqiq78o-31868970e962068a56ea6de32a80b667\">\n#top .hr.hr-invisible.av-kqqiq78o-31868970e962068a56ea6de32a80b667{\nheight:15px;\n}\n<\/style>\n<div  id=\"bestellung-datenschutzbeauftragter\"  class='hr av-kqqiq78o-31868970e962068a56ea6de32a80b667 hr-invisible  avia-builder-el-52  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  id=\"stellung-dsb\"  class='av_textblock_section av-kqqip51g-dbfdc1b575fcff8d0db92b4e0da647a6'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Position of the Supervisor<\/h2>\n<p>In order to be able to fulfil their duties, the GDPR stipulates that a data protection officer must be properly involved at an early stage in all matters relating to the protection of <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/personal-data\">personal data<\/a> (<a href=\"https:\/\/help.robin-data.io\/artikel-38-dsgvo?hsLang=de\">Article 38<\/a> GDPR). To this end, the Data Protection Officer shall have access to all information, processing activities or other resources necessary for this purpose.<\/p>\n<p>The Data Protection Officer may not receive any instructions concerning the performance oftheir duties, nor may they be removed or discriminated against in the performance of those duties. Internal Data Protection Officers even enjoy special protection against dismissal.<\/p>\n<p>DPOs should therefore be able to perform their duties and tasks in complete independence, whether they are employees (i.e. internal data protection officers) or not.<\/p>\n<p>In addition, the Data Protection Officer shall be subject to an obligation of secrecy or confidentiality in the performance of their duties.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"ansprechpartner-intern-extern\"  class='av_textblock_section av-krnabnux-952ccd5dd1ef78ef293f443d4826cc3c'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Contact point for \"internals\" and \"externals<\/h3>\n<p>Data protection officers are the contact persons for data protection issues. This applies both internally within the company for employers, employees and the works council, as well as for external persons. These include, among others, customers, suppliers and data subjects who want information on data protection issues. To enable external persons to contact the DPO, it is important that the contact details are easily accessible (e.g. on the website). In addition to the postal address, the e-mail address must also be provided, while the telephone number is not required.<\/p>\n<\/div><\/section><br \/>\n<section  id=\"ansprechpartner-aufsichtsbehoerde\"  class='av_textblock_section av-krnacack-3f84ade8bc358d5e4c65ce2781cbf53d'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Contact person of the supervisory authority<\/h3>\n<p>Also for the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/supervisory-authority\">supervisory authority<\/a> the data protection advisor is a contact person. They act as a kind of branch office of the competent supervisory authority and ensures that the data protection regulations are complied with within the company or organisation. The data protection advisor is the direct contact person for enquiries and inspections by the supervisory authority. Accordingly, it is necessary to notify the supervisory authority of the contact details of the DPO.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqiuyf6-43442019e5badee7bd756017d900a532\">\n#top .hr.hr-invisible.av-kqqiuyf6-43442019e5badee7bd756017d900a532{\nheight:15px;\n}\n<\/style>\n<div  id=\"qualifikation-datenschutzbeauftragter\"  class='hr av-kqqiuyf6-43442019e5badee7bd756017d900a532 hr-invisible  avia-builder-el-56  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqio5d5-970903a6ce1c6dfdd5dbcc83165d8fce'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>What qualifications does a data protection officer need?<\/h2>\n<p>The data protection officer, whether internal or external, must have a qualification\/expert status. This must be proven by appropriate training and further education and confirmed by official test seals. Since data protection officers act as contact persons within the company as well as for supervisory authorities, communication skills should not be disregarded. This is also necessary when it comes to justifying and implementing proposals for solutions and improvements within the company.<\/p>\n<p>However, concrete specifications with regard to knowledge or training are neither in the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/general-data-protection-regulation-eu-gdpr\" target=\"_blank\" rel=\"noopener\">GDPR<\/a> nor provided for in the Federal Data Protection Act. Therefore, in principle, anyone can become a data protection officer. However, with regard to the expertise of a data protection officer, it is advisable to have further interdisciplinary knowledge in addition to knowledge in the area of data protection and data protection law.<\/p>\n<p>This knowledge should cover the areas of risk, project and quality management as well as information security. Furthermore, practical skills such as setting up a data protection management system in companies or public authorities and experience in the consulting environment are advantageous.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kqqiru8f-d052569a52c6f2ea5d84712555c9ab2d\">\n#top .hr.hr-invisible.av-kqqiru8f-d052569a52c6f2ea5d84712555c9ab2d{\nheight:15px;\n}\n<\/style>\n<div  id=\"haftung-datenschutzbeauftragter\"  class='hr av-kqqiru8f-d052569a52c6f2ea5d84712555c9ab2d hr-invisible  avia-builder-el-58  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  id=\"kosten\"  class='av_textblock_section av-krnb14f3-01bc6f6fcb87f2d0523aa229d4f105c9'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Costs for a data protection officer in the company<\/h2>\n<p>The appointment of a data protection officer is always associated with costs. In terms of costs, there are differences between the internal and external appointment of a data protection officer. The internal further training of an employee or the new appointment of an internal data protection officer are compared to the monthly costs as well as individual consultation by an external data protection officer. The costs for an external data protection officer depend on the extent to which the company processes personal data or what kind of personal data is processed and how large the company is and how complex its corporate structure is. Therefore, it is hardly possible to make a general statement about the costs of an external data protection officer.<\/p>\n<p>If you are interested in the costs of an external data protection officer for your company in particular, we will be happy to provide you with an offer <a href=\"https:\/\/www.robin-data.io\/en\/offer-complianceos\">free of charge and without obligation<\/a>.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2kxde8-ea521a7cb6dee26ab946a4fb9dc467d5\">\n#top .hr.hr-invisible.av-2kxde8-ea521a7cb6dee26ab946a4fb9dc467d5{\nheight:15px;\n}\n<\/style>\n<div  id=\"haftung-datenschutzbeauftragter\"  class='hr av-2kxde8-ea521a7cb6dee26ab946a4fb9dc467d5 hr-invisible  avia-builder-el-60  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kqqir64h-f6c9862554a4f39eab4b8e92e43d3f0b'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Personal liability of a Data Protection Officer<\/h2>\n<p>In terms of data protection law, the responsible body is always the company itself. The data protection officer has, according to <a href=\"https:\/\/help.robin-data.io\/artikel-39-dsgvo?hsLang=de\">Article 39<\/a> GDPR, however, clearly defined tasks, including a comprehensive duty of control. If a breach of data protection becomes serious, high fines may be imposed. If it can be proven that the Data Protection Officer has neglected their duties, this results in claims for damages against them.<\/p>\n<p>Internal data protection officers are employees and are therefore subject to labour law with their liability. However, the following also applies here: whoever acts with intent or gross negligence is regularly liable alone and in full. In the case of normal negligence, the burden is usually shared between employer and employee and only in the case of slight negligence is the internal Data Protection Officer exempted from liability.<\/p>\n<p>The situation is similar for external data protection officers, except that they are of course not subject to the regulations of labour law. As a rule, therefore, external data protection officers are fully liable to the injured party even in cases of slight negligence.<\/p>\n<p>The liability of a data protection officer is an issue that has not yet received much attention. This is because, in practice, fines and therefore also claims for damages have not yet played a major role. However, with increasing regulations on fines, it will certainly become more important in the future.<\/p>\n<p>If the data protection officer has been appointed, the controller must make the contact details public and notify the supervisory authority of the appointment. In the case of groups of companies, a joint company data protection officer may also be appointed.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-31lic0-3a3ec8f48ff051546d95f77ef217968e\">\n#top .hr.hr-invisible.av-31lic0-3a3ec8f48ff051546d95f77ef217968e{\nheight:15px;\n}\n<\/style>\n<div  id=\"haftung-datenschutzbeauftragter\"  class='hr av-31lic0-3a3ec8f48ff051546d95f77ef217968e hr-invisible  avia-builder-el-62  el_after_av_textblock  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  id=\"strafen\"  class='av_textblock_section av-krnb2rmd-92067e49b12e1734b1c30f1976964678'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>What are the penalties for not appointing a data protection officer?<\/h2>\n<p>If a company fails to comply with its obligation to appoint a data protection officer, it may be liable to prosecution under the Data Protection Act. <a href=\"https:\/\/help.robin-data.io\/artikel-83-dsgvo\" target=\"_blank\" rel=\"noopener\">Art. 83 para. 4<\/a> Fines of up to \u20ac10 million or 2% of the total annual turnover achieved worldwide in the previous financial year, whichever is higher.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-5qq5yo-9478b996e0ee0ae8ddfe421d442d5431\">\n.flex_column.av-5qq5yo-9478b996e0ee0ae8ddfe421d442d5431{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-5qq5yo-9478b996e0ee0ae8ddfe421d442d5431 av_one_full  avia-builder-el-64  el_after_av_one_full  el_before_av_one_full  first flex_column_div av-zero-column-padding  column-top-margin'     ><section  id=\"links-checkliste\"  class='av_textblock_section av-krnbfkd6-4c1539f35cc81e277313164d99f8dc76'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Further links and checklist<\/h2>\n<\/div><\/section><br \/>\n<section  id=\"informationen-aufsichtsbehoerden\"  class='av_textblock_section av-krnbixrm-dcfeeb035a39427a7c85facc7e8f7cae'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Information from the data protection supervisory authorities<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.bfdi.bund.de\/SharedDocs\/Downloads\/DE\/Broschueren\/INFO4.html\">Federal Data Protection Commissioner for Data Protection and Information Security: Data Protection Officers in Public Authorities and Companies<\/a><\/li>\n<li><a href=\"https:\/\/www.lda.bayern.de\/media\/baylda_ds-gvo_19_data_protection_officer.pdf\">Data Protection Authority Bavaria: The Data Protection Officer (DPO) - Art. 37 to 39 DS-GVO (PDF)<\/a><\/li>\n<li><a href=\"https:\/\/www.ldi.nrw.de\/datenschutzbeauftragte-faq-aufgaben\">Data Protection Authority North Rhine-Westphalia: FAQ on the data protection officer<\/a><\/li>\n<li><a href=\"https:\/\/lfd.niedersachsen.de\/startseite\/dsgvo\/datenschutzbeauftragte\/behoerdliche_datenschutzbeauftragte\/datenschutzbeauftragte-155408.html\">Data Protection Authority of Lower Saxony: Data Protection Officers - Appointment, Position and Tasks<\/a><\/li>\n<li><a href=\"https:\/\/www.datenschutz.rlp.de\/de\/themenfelder-themen\/datenschutz-grundverordnung\/datenschutzbeauftragter-und-datenschutz-management\/\">Data Protection Authority Rhineland-Palatinate: Data Protection Officer and Data Protection Management<\/a><\/li>\n<li><a href=\"https:\/\/edps.europa.eu\/data-protection\/eu-institutions-dpo_de\">The European Data Protection Supervisor: DPO Corner<\/a><\/li>\n<li><a href=\"https:\/\/ec.europa.eu\/info\/law\/law-topic\/data-protection\/reform\/rules-business-and-organisations\/obligations\/data-protection-officers_de\">EU Commission: Data Protection Commissioner<\/a><\/li>\n<\/ul>\n<\/div><\/section><br \/>\n<section  id=\"checkliste\"  class='av_textblock_section av-krnbjwo3-b20d4ef3ccb33108ae098ca79aa2ff31'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3>Checklist Appointment of Data Protection Officer<\/h3>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-krndhrmg-5366705a70fffb57b14d25952d64217b\">\n#top .avia-icon-list-container.av-krndhrmg-5366705a70fffb57b14d25952d64217b .iconlist_icon{\ncolor:#00b3bd;\nbackground-color:#ffffff;\n}\n#top .avia-icon-list-container.av-krndhrmg-5366705a70fffb57b14d25952d64217b .iconlist_icon svg:first-child{\nstroke:#00b3bd;\nfill:#00b3bd;\n}\n<\/style>\n<div  class='avia-icon-list-container av-krndhrmg-5366705a70fffb57b14d25952d64217b  avia-builder-el-68  el_after_av_textblock  avia-builder-el-last'><ul class='avia-icon-list avia_animate_when_almost_visible avia-icon-list-left av-iconlist-big av-krndhrmg-5366705a70fffb57b14d25952d64217b avia-iconlist-animate'>\n<li><div class='iconlist_icon av-krndhr4q-95852223b3cfeee8c4a05df82ebe457d avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue81c' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: Obligation to appoint a data protection officer\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >Duty to appoint data protection officer<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>Under certain circumstances, there is an <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr\/#bestellung-dsb\">Obligation to order for companies<\/a>. Therefore, check whether your company is legally obliged to appoint a data protection officer.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-krndq4nl-a4b5ca68b513e8debf19c6a86d1a2ac1 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue81c' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: Voluntary appointment of a DPO\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >Voluntary appointment of a DPO<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>If your company is not legally obliged to appoint a DPO, there are still reasons why a voluntary appointment makes sense. For example, if you as the controller want to comply with the requirements of the GDPR and do not have the necessary know-how yourself. Furthermore, every company - irrespective of the legal obligation to appoint a data protection officer - must document the data protection measures taken and be able to prove them in the event of an audit. An external data protection officer can support you with data protection documentation. Therefore, check whether you want to voluntarily appoint a DPO to help you implement the requirements of the GDPR.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-krndqqsr-abaaf23cd3e02c8578e941f2e995ae6e avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue812' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: Appointment of a DPO\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >Appointment of a DPO<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>Appoint or nominate a suitable external or internal data protection officer.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-krndqqsr-2-f90d76fe2f4be09d0f84165d39802864 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue812' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: Information on the DSB\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >Information on the DPO<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>Publish the contact information of your data protection officer on your website.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-krndqqsr-1-eb2b7187ea265b711f647b44ab19710e avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue812' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: Official announcement of the DSB\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >Official message of the DSB<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>After appointing a data protection officer, notify the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/supervisory-authority\">competent supervisory authority<\/a> the contact details of your data protection officer. This off-target notification of the data protection officer must also be made if you change your data protection officer.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<\/ul><\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885\">\n.flex_column.av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885{\nborder-radius:10px 10px 10px 10px;\npadding:50 px 50 px 50 px 50 px;\nbackground-color:#f7f7f7;\n}\n<\/style>\n<div  class='flex_column av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885 av_one_full  avia-builder-el-69  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p><br \/>\n<div  class='av-social-sharing-box av-ka3jmz4x-5dcebd1f09db7c20daac0063288815c9 av-social-sharing-box-default  avia-builder-el-71  el_after_av_codeblock  avia-builder-el-last  av-social-sharing-box-fullwidth'><div class=\"av-share-box\"><h5 class='av-share-link-description av-no-toc'>Do you like the piece? Feel free to share it.<\/h5><ul class=\"av-share-box-list noLightbox\"><li class='av-share-link av-social-link-facebook avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on Facebook\" href='https:\/\/www.facebook.com\/sharer.php?u=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr&#038;t=Datenschutzbeauftragter' data-av_icon='\ue8f3' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on Facebook'><span class='avia_hidden_link_text'>Share on Facebook<\/span><\/a><\/li><li class='av-share-link av-social-link-twitter avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on X\" href='https:\/\/twitter.com\/share?text=Datenschutzbeauftragter&#038;url=https:\/\/www.robin-data.io\/en\/?p=1680' data-av_icon='\ue932' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on X'><span class='avia_hidden_link_text'>Share on X<\/span><\/a><\/li><li class='av-share-link av-social-link-linkedin avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on LinkedIn\" href='https:\/\/linkedin.com\/shareArticle?mini=true&#038;title=Datenschutzbeauftragter&#038;url=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr' data-av_icon='\ue8fc' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on LinkedIn'><span class='avia_hidden_link_text'>Share on LinkedIn<\/span><\/a><\/li><li class='av-share-link av-social-link-mail avia_social_iconfont' ><a  aria-label=\"Share by Mail\" href='mailto:?subject=Datenschutzbeauftragter&#038;body=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr' data-av_icon='\ue805' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share by Mail'><span class='avia_hidden_link_text'>Share by Mail<\/span><\/a><\/li><\/ul><\/div><\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d\">\n.flex_column.av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d av_one_full  avia-builder-el-72  el_after_av_one_full  avia-builder-el-last  first flex_column_div av-zero-column-padding  column-top-margin'     ><section  class='av_textblock_section av-kaqhth2e-c0ce0e9fc51ca4569850f4a16f47c8e1'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4 style=\"text-align: center;\">This might interest you too:<\/h4>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kaqhpdsy-c149d804dc26de4da98e9603962fa194\">\n#top .hr.hr-invisible.av-kaqhpdsy-c149d804dc26de4da98e9603962fa194{\nheight:25px;\n}\n<\/style>\n<div  class='hr av-kaqhpdsy-c149d804dc26de4da98e9603962fa194 hr-invisible  avia-builder-el-74  el_after_av_textblock  el_before_av_blog'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<div  data-slideshow-options=\"{&quot;animation&quot;:&quot;fade&quot;,&quot;autoplay&quot;:false,&quot;loop_autoplay&quot;:&quot;once&quot;,&quot;interval&quot;:5,&quot;loop_manual&quot;:&quot;manual-endless&quot;,&quot;autoplay_stopper&quot;:false,&quot;noNavigation&quot;:false,&quot;show_slide_delay&quot;:90}\" class='avia-content-slider avia-content-grid-active avia-content-slider1 avia-content-slider-odd  avia-builder-el-75  el_after_av_hr  avia-builder-el-last  av-slideshow-ui av-control-default   av-no-slider-navigation av-slideshow-manual av-loop-once av-loop-manual-endless'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Blog\" ><div class=\"avia-content-slider-inner\"><div class=\"slide-entry-wrap\"><article class='slide-entry flex_column  post-entry post-entry-17156 slide-entry-overview slide-loop-1 slide-parity-odd  av_one_third first real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/datenschutz-management-system-dsgvo-dsms' data-rel='slide-1' class='slide-image' title='DSMS according to GDPR: Structure &amp; practical implementation'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"341\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150650\/Zusammenarbeit-1-495x341.jpg\" class=\"wp-image-14089 avia-img-lazy-loading-not-14089 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: DSMS according to GDPR: Structure &amp; practical implementation\"><h3 class='slide-entry-title entry-title'  itemprop=\"headline\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/datenschutz-management-system-dsgvo-dsms' title='DSMS according to GDPR: Structure &amp; practical implementation'>DSMS according to GDPR: Structure &amp; practical implementation<\/a><\/h3><span class=\"blog-categories minor-meta\"><a href=\"https:\/\/www.robin-data.io\/en\/category\/data-protection-and-data-security-academy\/wiki\" rel=\"tag\">Wiki<\/a> <\/span><span class=\"av-vertical-delimiter\"><\/span><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Learn all about templates, structure and implementation of a GDPR-compliant data protection management system (DMS).<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/datenschutz-management-system-dsgvo-dsms\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-04-23T09:41:39+02:00\" >23 April 2025<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/datenschutz-management-system-dsgvo-dsms#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150650\/Zusammenarbeit-1.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>341<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2019-09-26T13:41:57+02:00\" >2025-04-23 09:41:39<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-04-23 09:44:29<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>DSMS according to GDPR: Structure &amp; practical implementation<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-17123 slide-entry-overview slide-loop-2 slide-parity-even  av_one_third  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/ki-und-datenschutz-praxisleitfaden' data-rel='slide-1' class='slide-image' title='AI and data protection in practice'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"343\" src=\"https:\/\/media.robin-data.io\/2025\/01\/27132208\/kuenstliche-intelligenz-ai-495x343.png\" class=\"wp-image-16986 avia-img-lazy-loading-not-16986 attachment-portfolio size-portfolio wp-post-image\" alt=\"artificial intelligence\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: AI and data protection in practice\"><h3 class='slide-entry-title entry-title'  itemprop=\"headline\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/ki-und-datenschutz-praxisleitfaden' title='AI and data protection in practice'>AI and data protection in practice<\/a><\/h3><span class=\"blog-categories minor-meta\"><a href=\"https:\/\/www.robin-data.io\/en\/category\/data-protection-and-data-security-academy\/wiki\" rel=\"tag\">Wiki<\/a> <\/span><span class=\"av-vertical-delimiter\"><\/span><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Find out how artificial intelligence can be used in compliance with the GDPR. A practical guide.<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/ki-und-datenschutz-praxisleitfaden\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-04-07T13:24:22+02:00\" >7 April 2025<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/ki-und-datenschutz-praxisleitfaden#comments'>4 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2025\/01\/27132208\/kuenstliche-intelligenz-ai.png<\/span>\n\t\t\t\t\t\t<span itemprop='height'>343<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2019-09-26T13:41:57+02:00\" >2025-04-07 13:24:22<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-04-07 13:46:33<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>AI and data protection in practice<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-13099 slide-entry-overview slide-loop-3 slide-parity-odd  post-entry-last  av_one_third  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/activity-report-template-sample-content-according-to-gdpr' data-rel='slide-1' class='slide-image' title='activity report according to GDPR'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"343\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150313\/Dokumentationspflichten-495x343.jpg\" class=\"wp-image-14057 avia-img-lazy-loading-not-14057 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Activity report according to GDPR\"><h3 class='slide-entry-title entry-title'  itemprop=\"headline\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/activity-report-template-sample-content-according-to-gdpr' title='activity report according to GDPR'>activity report according to GDPR<\/a><\/h3><span class=\"blog-categories minor-meta\"><a href=\"https:\/\/www.robin-data.io\/en\/category\/data-protection-and-data-security-academy\/wiki\" rel=\"tag\">Wiki<\/a> <\/span><span class=\"av-vertical-delimiter\"><\/span><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Templates, whitepapers and implementation of the activity report according to the GDPR. Create the activity report automatically in just a few steps.<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/activity-report-template-sample-content-according-to-gdpr\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2022-03-04T10:32:48+01:00\" >4 March 2022<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/activity-report-template-sample-content-according-to-gdpr#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150313\/Dokumentationspflichten.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>343<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2019-09-26T13:41:57+02:00\" >2022-03-04 10:32:48<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-04-22 09:38:20<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>activity report according to GDPR<\/span><\/span><\/span><\/article><\/div><\/div><\/div><\/p><\/div>","protected":false},"excerpt":{"rendered":"<p>When do companies have to appoint a data protection officer? Learn about the tasks and position of a data protection officer.<\/p>","protected":false},"author":3,"featured_media":14054,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[71],"tags":[123,37],"class_list":["post-1680","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-wiki","tag-aufgaben","tag-datenschutz"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.8 (Yoast SEO v26.8) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Welche Aufgaben hat ein Datenschutzbeauftragter? | Wiki<\/title>\n<meta name=\"description\" content=\"Was macht ein Datenschutzbeauftragter? Wir erkl\u00e4ren die Bestellung eines Datenschutzbeauftragten und welche Aufgaben er erf\u00fcllen muss.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Datenschutzbeauftragter\" \/>\n<meta property=\"og:description\" content=\"Was macht ein Datenschutzbeauftragter? Wir erkl\u00e4ren die Bestellung eines Datenschutzbeauftragten und welche Aufgaben er erf\u00fcllen muss.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr\" \/>\n<meta property=\"og:site_name\" content=\"Robin Data GmbH\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/robindatade\/\" \/>\n<meta property=\"article:published_time\" content=\"2019-09-26T11:41:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-24T14:55:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"685\" \/>\n\t<meta property=\"og:image:height\" content=\"343\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Caroline Schwabe\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@RobinData_DE\" \/>\n<meta name=\"twitter:site\" content=\"@RobinData_DE\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Caroline Schwabe\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"19 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter\"},\"author\":{\"name\":\"Caroline Schwabe\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\"},\"headline\":\"Datenschutzbeauftragter\",\"datePublished\":\"2019-09-26T11:41:57+00:00\",\"dateModified\":\"2025-03-24T14:55:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter\"},\"wordCount\":8172,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\",\"keywords\":[\"Aufgaben\",\"Datenschutz\"],\"articleSection\":[\"Wiki\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#respond\"]}]},{\"@type\":[\"WebPage\",\"ItemPage\"],\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter\",\"url\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter\",\"name\":\"Welche Aufgaben hat ein Datenschutzbeauftragter? | Wiki\",\"isPartOf\":{\"@id\":\"https:\/\/www.robin-data.io\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\",\"datePublished\":\"2019-09-26T11:41:57+00:00\",\"dateModified\":\"2025-03-24T14:55:15+00:00\",\"author\":{\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\"},\"description\":\"Was macht ein Datenschutzbeauftragter? Wir erkl\u00e4ren die Bestellung eines Datenschutzbeauftragten und welche Aufgaben er erf\u00fcllen muss.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#primaryimage\",\"url\":\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\",\"contentUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\",\"width\":685,\"height\":343},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\/\/www.robin-data.io\/startseite\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Datenschutzbeauftragter\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.robin-data.io\/#website\",\"url\":\"https:\/\/www.robin-data.io\/\",\"name\":\"Robin Data GmbH\",\"description\":\"Robin Data ComplianceOS\u00ae Das Compliance Operating System\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.robin-data.io\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\",\"name\":\"Caroline Schwabe\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g\",\"caption\":\"Caroline Schwabe\"},\"description\":\"Frau Schwabe ist Informationsdesignerin und Datenschutzbeauftragte. Der Schwerpunkt ihrer Arbeit liegt darin, Kunden und Interessenten mit Beitr\u00e4gen in der Robin Data Datenschutz-Akademie weiterzuhelfen.\",\"url\":\"https:\/\/www.robin-data.io\/en\/author\/csc\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What are the tasks of a data protection officer? | Wiki","description":"What does a data protection officer do? We explain the appointment of a data protection officer and what tasks he or she must perform.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr","og_locale":"en_GB","og_type":"article","og_title":"Datenschutzbeauftragter","og_description":"Was macht ein Datenschutzbeauftragter? Wir erkl\u00e4ren die Bestellung eines Datenschutzbeauftragten und welche Aufgaben er erf\u00fcllen muss.","og_url":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr","og_site_name":"Robin Data GmbH","article_publisher":"https:\/\/www.facebook.com\/robindatade\/","article_published_time":"2019-09-26T11:41:57+00:00","article_modified_time":"2025-03-24T14:55:15+00:00","og_image":[{"width":685,"height":343,"url":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","type":"image\/jpeg"}],"author":"Caroline Schwabe","twitter_card":"summary_large_image","twitter_creator":"@RobinData_DE","twitter_site":"@RobinData_DE","twitter_misc":{"Written by":"Caroline Schwabe","Estimated reading time":"19 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#article","isPartOf":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter"},"author":{"name":"Caroline Schwabe","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5"},"headline":"Datenschutzbeauftragter","datePublished":"2019-09-26T11:41:57+00:00","dateModified":"2025-03-24T14:55:15+00:00","mainEntityOfPage":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter"},"wordCount":8172,"commentCount":0,"image":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#primaryimage"},"thumbnailUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","keywords":["Aufgaben","Datenschutz"],"articleSection":["Wiki"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#respond"]}]},{"@type":["WebPage","ItemPage"],"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter","url":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter","name":"What are the tasks of a data protection officer? | Wiki","isPartOf":{"@id":"https:\/\/www.robin-data.io\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#primaryimage"},"image":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#primaryimage"},"thumbnailUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","datePublished":"2019-09-26T11:41:57+00:00","dateModified":"2025-03-24T14:55:15+00:00","author":{"@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5"},"description":"What does a data protection officer do? We explain the appointment of a data protection officer and what tasks he or she must perform.","breadcrumb":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#primaryimage","url":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","contentUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","width":685,"height":343},{"@type":"BreadcrumbList","@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/datenschutzbeauftragter#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.robin-data.io\/startseite"},{"@type":"ListItem","position":2,"name":"Datenschutzbeauftragter"}]},{"@type":"WebSite","@id":"https:\/\/www.robin-data.io\/#website","url":"https:\/\/www.robin-data.io\/","name":"Robin Data GmbH","description":"Robin Data ComplianceOS\u00ae The Compliance Operating System","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.robin-data.io\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5","name":"Caroline Schwabe","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g","caption":"Caroline Schwabe"},"description":"Ms. Schwabe is an information designer and Data Protection Officer. The focus of her work is to help customers and interested parties with contributions to the Robin Data Privacy Academy.","url":"https:\/\/www.robin-data.io\/en\/author\/csc"}]}},"_links":{"self":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/1680","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/comments?post=1680"}],"version-history":[{"count":44,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/1680\/revisions"}],"predecessor-version":[{"id":9372,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/1680\/revisions\/9372"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/media\/14054"}],"wp:attachment":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/media?parent=1680"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/categories?post=1680"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/tags?post=1680"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}