undefined | Better HN

0 pointsmnkypete7y ago0 comments

https://ico.org.uk/for-organisations/guide-to-the-general-da...

Under the GDPR, you must appoint a DPO if:

you are a public authority (except for courts acting in their judicial capacity); your core activities require large scale, regular and systematic monitoring of individuals (for example, online behaviour tracking); or your core activities consist of large scale processing of special categories of data or data relating to criminal convictions and offences.

So - no?

0 comments

skrause7y ago

In Germany the law has been that you only need a DPO if a) you are a public authority, b) at least 10 people in your organization/company handle or have access to personal data or c) you handle sensitive data (e.g. health records).

As far as I know the GDPR doesn't change these requirements here. So even if you're a company of 5 people and just handling some email addresses or similar data you certainly don't need a DPO.

j / k navigate · click thread line to collapse