The Data Protection Officer (DPO)

March 12, 2020

The idea of having a Data Protection Officer within a company or organisation is to offer a further measure of security and added protection of the data that is collected and held, the DPO effectively acts as an extra safeguard.  


Having a DPO is not mandatory in most cases. The three particular, specific situations where a DPO must be appointed are:


- Where processing is undertaken by a public body - this excludes the court system operating in their official ambit.


- Where regular collection and systematic monitoring of data takes place in that it is, by nature, the core activity of a business or organisation.


- Where processing of special data or data relating to criminal convictions is a principal activity and is done on a large scale.

The DPO can be an individual, a third party or an employee (restrictions do apply in this case so that no conflict of interest arises - e.g. Senior Management in IT or HR should not also be the DPO). The person can be appointed by a group of entities as a single individual made available to all parties in involved. Equally, a DPO appointment can cover and act within multiple unrelated bodies or agencies. It is expected that the designated person will have expertise in data privacy law and practice and the capability to fulfil the tasks required by the company to become GDPR compliant.


The most important thing to understand about the DPO role is that it is a special role that carries specific obligations, for example:

to be involved in all issues that relate to protection of personal data;

to act independently;

be a contact point for data subjects for all issues concerning the subjects rights.


Alongside this the appointed DPO is afforded particular rights, among which are:

be supported by the Controller and Processor;

to not be penalised for performing his or her duties;

to have access to senior management.


The role of DPO will generally encompass the following:

to inform and advise on GDPR obligations;

to monitor the organisations compliance with GDPR;

to provide advice internally and to be involved in training;

to act as a point of contact for both data subjects and the Supervisory Authority.







Become a Partner
As a partner you have the option to promote a wide spectrum of GDPR services from the complete GDPR checklist to GDPR managed services. PanoSec have an affiliate program and a channel partner program.
Affiliate Partners
Our affiliate program gives you the opportunity to gain a percentage of any revenue earned from customers you refer to us.

The program works as follows:

1. Create an account: Affiliate Registration
Register via the "Affiliate Registration" button below, then login to your account and click on "Programs".

2. Start promoting PanoSec products!
Once you are in the programs page, get your unique affiliate links and start marketing. You can track all your affiliate referrals in your personal dashboard.
Affiliate registration
Channel Partners
PanoSec Channel Partners Program is focused on technology companies, security VARs, SaaS service providers, business continuity experts and insurance companies who will use PanoSec as a part of their security offer to end users.

Start Now