Data Protection Officer
→ Communication of the appointment of the Data Protection Officer before the Spanish Agency for Data Protection
→ Information and advice to the person in charge or in charge of the treatment and to the employees who deal with the treatment, of the obligations incumbent on them under the RGPD 2016/679 and LOPDGDD 3/2018
→ Supervision of compliance with the provisions of the RGPD 2016/679 and LOPDGDD 3/2018 and the policies of the person in charge or the person in charge of the treatment regarding the protection of personal data, including the assignment of responsibilities, the awareness and training of the personnel who participates in processing operations, and the corresponding audits
→ Cooperation with the control authority and acting as its point of contact for issues related to treatment, including prior consultation in relation to Impact Assessments, and making consultations, where appropriate, on any other matter
→ Management of the mailbox for notifications of claims and contact with the DPD
→ Management with data processors and controllers to ensure proactive responsibility and security guarantees
→ Analysis of data processing and preparation of the Register of RAT processing activities and their Life Cycle
→ Information and advice to the person in charge or in charge of the treatment and to the employees who deal with the treatment, of the obligations incumbent on them under the RGPD 2016/679 and LOPDGDD 3/2018
→ Supervision of compliance with the provisions of the RGPD 2016/679 and LOPDGDD 3/2018 and the policies of the person in charge or the person in charge of the treatment regarding the protection of personal data, including the assignment of responsibilities, the awareness and training of the personnel who participates in processing operations, and the corresponding audits
→ Cooperation with the control authority and acting as its point of contact for issues related to treatment, including prior consultation in relation to Impact Assessments, and making consultations, where appropriate, on any other matter
→ Management of the mailbox for notifications of claims and contact with the DPD
→ Management with data processors and controllers to ensure proactive responsibility and security guarantees
→ Analysis of data processing and preparation of the Register of RAT processing activities and their Life Cycle
→ Intrusive system proportionality test / legitimate interest in processing
→ Asset verifications
→ Risk analysis by treatment
→ Analysis of the need to appoint a DPD and to prepare the EIPD by treatment
→ Verification and proposal of security measures
→ Analysis and drafting of protocols, information, consent and DPA contracts
→ Audits and writing of web texts
→ Drafting of the GDPR – LOPDGDD Compliance Plan and Compliance Report
→ EIPD Data Protection Impact Assessment Drafting
→ Training and accompaniment
→ Access to the repository with updated documentation
→ Regular compliance reminders and regular reviews
→ Resolution of queries , written responses to exercises of rights and requests for information from the Spanish Agency for Data Protection