Hi Roberto, thanks for your question. Why not drop us an email at hello@keepabl.com to discuss your situation? Alternatively, you can find a useful download in the "Home" section of our channel!
What a great question! Well, we're not aware of a decision on this and neither the Art 29 WP/EDPB nor ICO guidance mention DPOs and DSARs. They do mention DPIAs and both state that it's the obligation of the controller not the DPO to complete the DPIA, the DPO advises. If one was being overly technical, one might say that doing a DSAR is a conflict, and the DPO should only advise, which is certainly the safest position. However we're aware many organisations have their DPOs do the DSAR, and many DPOs do DSARs.
Hi and thanks for your question. You'll appreciate we can't give legal advice and this may vary from country to country even within the EEA. However - what we can say is that the DPO under GDPR should not be conflicted. If the lawyer is eg creating policies and procedures or eg has a management in the Legal department or otherwise and therefore has a role in reviewing individuals, hiring etc, then they are likely conflicted as 'marking their own homework' or 'behaving as a controller' based on the cases we discuss in the video and more recent cases. [Employees, including lawyers, are not controllers, their employer legal entity is. Here, we're talking about exercising a role that has 'controllership' qualities, as explained in the video]. We know this is a charged topic and can vary country by country!
Looking to achieve GDPR compliance within your organisation? Arrange a demo and free 14-day trial of Keepabl's award-winning Privacy Management SaaS: bit.ly/3iWSyEl
You mention several good available options for outsourcing a DPO. Do you have a list of those?
Hi Andi, if you email us at hello@keepabl.com we'd be happy to discuss that with you to see if we can recommend the right person / team.
Hi, how do I start the process of GDPR compliance for a start up?
Hi Roberto, thanks for your question. Why not drop us an email at hello@keepabl.com to discuss your situation? Alternatively, you can find a useful download in the "Home" section of our channel!
So do DPO respond to dsars? Thanks
What a great question! Well, we're not aware of a decision on this and neither the Art 29 WP/EDPB nor ICO guidance mention DPOs and DSARs. They do mention DPIAs and both state that it's the obligation of the controller not the DPO to complete the DPIA, the DPO advises. If one was being overly technical, one might say that doing a DSAR is a conflict, and the DPO should only advise, which is certainly the safest position. However we're aware many organisations have their DPOs do the DSAR, and many DPOs do DSARs.
How i can become a DPO
Can a lawyer become dpo
Lol, I had the same question.. therefore I landed on this video.
Hi and thanks for your question. You'll appreciate we can't give legal advice and this may vary from country to country even within the EEA. However - what we can say is that the DPO under GDPR should not be conflicted. If the lawyer is eg creating policies and procedures or eg has a management in the Legal department or otherwise and therefore has a role in reviewing individuals, hiring etc, then they are likely conflicted as 'marking their own homework' or 'behaving as a controller' based on the cases we discuss in the video and more recent cases. [Employees, including lawyers, are not controllers, their employer legal entity is. Here, we're talking about exercising a role that has 'controllership' qualities, as explained in the video]. We know this is a charged topic and can vary country by country!
Looking to achieve GDPR compliance within your organisation? Arrange a demo and free 14-day trial of Keepabl's award-winning Privacy Management SaaS: bit.ly/3iWSyEl