Since 25 May 2018, the GDPR (General Data Protection Regulation) has required companies across all industries to create a new position: that of the DPO (Data Protection Officer).
His/her appointment is mandatory in some cases, and highly recommended, in any case: it is a matter of a strategic choice aimed at establishing a dynamic of trust within and towards the company.
When is appointing a DPO mandatory?
- You are a public authority or a public body (except for activities related to jurisdictional function)
- You carry out transactions that entail regular and systematic large-scale monitoring of people
- You process "sensitive" data on a large scale
Selecting your DPO
There is no standard DPO; their profiles vary depending on the company (lawyer, CIO, auditor, manager, internal control, etc.). However, some qualities, illustrated below, are required for the job:
WHAT ARE THE DUTIES OF YOUR DPO?
- Advise line staff and recommends solutions for the development, design and implementation of projects
- Ensure the company's compliance with the personal data regulations
- Increase awareness and train the company and its employees on the obligations related to the handling of personal data
- Cooperate and act as a contact point with the CNIL, in case of consultation, questions or audits
FIDAL OFFERS SUPPORT SERVICES DEDICATED TO DPOS
Whether you still have to select the DPO for your organization, or whether your DPO has been recently appointed, our lawyers guide you to make the right decisions and putting in place concrete measures, as well as organizing training sessions on compliance issues:
DEVELOPMENT, DESIGN AND IMPLEMENTATION OF YOUR PROJECTS
- Launching a new product or service
- Changing service providers, regardless of the industry (e.g. replacement of IT solutions)
SPECIFIC CERTIFIED TRAINING ON THE ROLE OF THE DPO AND RAISING AWARENESS
- An operational training course on DPO issues recognized by the FFP (Fédération de la Formation Professionnelle: Occupational Training Federation) (currently being obtained)
- E-learning solutions for raising awareness among all your staff
ADVICE ON LEGAL ISSUES AND THE DRAFTING OF CONTRACTS
- Legality of a project involving personal data
- Contracts with all service providers
- Employment contracts / Legal notices
- International transfers of personal data
GUIDANCE IN THE MANAGEMENT OF YOUR RELATIONS WITH THE CNIL
- CNIL inspection on site, based on hearings, on documents and online
- Security breach within the company
- Complaint by a person to the CNIL
- Class action against your company
OUR ADDED VALUE
- A certification course dedicated to the role of DPO (certification in process of being obtained): recognized by the FFP, this operational training course will result in a certificate attesting to mastery of the DPO role.
- A team specialized in personal data issues dedicated to the management of personal data, accessible from our website: www.fidal-donnees-personnelles.com
- A cross-cutting and operational approach, adapted to your organization, your specific needs and challenges.
- CNIL certification of our "Fidalement Secure" audit procedure: a legal and technical method that is 100% compliant with CNIL auditing standards.