General Data Protection Regulation (GDPR) is a key consideration for any business that collects personal data from their clients or customers, and affects companies of all sizes. According to GDPR, any company that processes the personal data of European customers on a large scale and monitors their behaviour or preferences is obliged to appoint a Data Protection Officer (DPO). Companies processing a large amount of sensitive data – such as data on health, sexuality, and philosophical or religious beliefs – are also obliged to designate a DPO. Activities where a DPO is a necessity include personal data processing for behavioural targeting through search engines, location tracking, processing data via telephone or internet service providers, loyalty programmes, profiling and evaluation for risk assessments, monitoring health and physical fitness data via mobile devices, large-scale video surveillance, and the provision of connected devices such as smart meters, smart cars, and smart home devices.
The importance of hiring a DPO
Failing to appoint a DPO when it is mandatory can place your business at risk of being handed a hefty fine of up to €10 million. For enterprises, the fine could total up to two per cent of their entire annual turnover from the previous financial year. Furthermore, companies that don’t appoint a DPO are obliged to prove that they don’t require one through detailed analysis and documentation. Data Protection Officers are appointed by companies to monitor their compliance with data protection law, and will boast an exceptional knowledge of the law and all relevant practices. Upon hiring a DPO, companies must report their decision to their country’s supervisory authority and publish their officer’s contact details.
DPO’s may be an existing employee – but alternatively, sourcing an external advisor offers a fresh pair of eyes on your data protection processes. JDS Consulting provides outsourcing services of DPO’s, delivering a high-performance professional, an experienced lawyer, and a practitioner in the field of personal data protection. The company offers unique experience in providing services for entities from a wide variety of sectors including energy, production, pharmaceutical, healthcare, automotive, financial, data management, and IT. When assisting groups of companies, JDS Consulting can assume the wide-ranging role of a global DPO.
Furthermore, its international consulting service includes solving a range of problems related to the processing and transfer of personal data that may arise while conducting cross-border business activities. JDS Consulting ensures that its clients can complete these activities safely and in compliance with GDPR, opening up a world of possibilities. The consultancy has been delivering these services for almost 20 years, and its international client list includes organisations such as 3M Company, UPS, Rhenus Logistics, CNH Industrial, Ruukki, Convatec, Iveco, Egger, Lhoist, Merck, Schindler, Siemens, Sopra Steria, Stora Enso, Equinix, and Volkswagen.
For more information on JDS Consulting and its broad range of data protection, compliance and consultancy services, visit their website at www.jds.com.pl.