European Data Protection Supervisor
European Data Protection Supervisor

DPO Corner

DPO Corner

Getting started

In this section, you will find background and other practical documents, containing essential information for you to carry out your Data Protection Officer (DPO) tasks and mission.

The Position papers on Professional Standards for Data Protection Officers and on the role of a Data Protection Officer are complemented by a brief presentation on “The DPO at work” which gives tips and best practices for a professional Data Protection Officer.

Firstly, however, you may want to recap on what the decision appointing a DPO should contain. Thereafter, you can review the implementing rules concerning the tasks, duties and powers of the DPO adopted by your body. The guidelines contained here, illustrated with an example, are helpful in drafting these rules.

Article 26 of Regulation 45/2001 states that “A register of processing operations notified in accordance with Article 25 shall be kept by each Data Protection Officer”. To help you keep such a register, the EDPS advises that you first identify all the processing operations in an inventory.

It is then easier to identify processing operations that should be notified to you in accordance with Article 25. A template of an Article 27 notification together with instructions will also allow you to properly notify your risky processing operations to the EDPS.  

We also thought it would be useful for you if we included some tips and presentations on how to raise awareness within your institution as well as templates of privacy statements .

Lastly, there is also an e-learning module available on data protection. This module offers learners a practical introduction to Personal Data Protection and the Regulation (EC) N° 45/2001 (Course code: CTO_EL00DATAPROX). Those who are interested should address their request to their training manager in order to enrol in Syslog.