Skip to content
Sub practice
Sub practice

Data Protection Officer

High damages claims and administrative fines in the event of data protection breaches: the appointment of a data protection officer is mandatory. Are you familiar with their responsibilities and duties, and are these being implemented in a correct and compliant manner?

High damages claims and administrative fines in the event of data protection breaches: the appointment of a data protection officer is mandatory. Are you familiar with their responsibilities and duties, and are these being implemented in a correct and compliant manner?

As a rule, data protection officers have no decision-making power themselves but report to the management. Hence, it is the management that is responsible for complying with and implementing data protection. If the data protection officers are awarded corresponding powers to issue instructions under their respective contracts, this will also impact their liability.

Even without formal decision-making powers, data protection officers have considerable responsibility. With statutory provisions becoming increasingly complex, their tasks are also becoming more extensive. Breaches may trigger high damages claims and administrative fines and cause considerable reputational damage.

Are you sufficiently protected and trained?

 

News & insights

Aluminium

News: 04 May 2022

Allen & Overy advises HALEX Holding on the sale of its toolmaking division

Allen & Overy has advised HALEX Holding GmbH, a portfolio company of private equity investor Bencis Capital Partners, on the sale of its toolmaking division (HALEX Extrusion Dies) in Germany and in…

Read more
people travelling

News: 24 February 2022

Allen & Overy advises TripActions on the acquisition of Comtravo

Allen & Overy has advised TripActions, a company for travel, corporate card and expense management based in Palo Alto, California, on the acquisition of all shares in Berlin-based Comtravo GmbH…

Read more
Person using laptop, security icon on sceen.

Blog Post: 13 December 2021

CJEU issues opinion in favour of allowing consumer organisations to bring representative actions against GDPR infringement

On 2 December 2021, the Court of Justice of the European Union (CJEU) published the Advocate General’s (AG) opinion in case C-319/20 (Facebook Ireland) (the AG Opinion) relating to the issue of…

Read more
Mobile phone with security app on screen

Blog Post: 26 July 2021

CJEU Advocate General interprets direct marketing by email and targeted advertising under ePrivacy Directive

On 24 June 2021, the Advocate General (AG) of the Court of Justice of the European Union (CJEU) issued his opinion on the preliminary ruling request submitted by Germany's Federal Court of Justice…

Read more