An internal data protection officer is a permanent employee at the enterprise who is responsible for the compliance with data protection regulations.

He or she may perform the following tasks at the premises of the controller:

  • Determining when, how and where personal data are processed;

  • Ensuring compliance with internal privacy policies

  • Communication of data protection procedures and processes to employees;

  • Informing the management about national and supranational data protection regulations;

  • Implementing requirements, directives and regulations of the European Union;

  • Monitoring the implementation of the legal provisions;

  • Internal training of employees who have access to personal data;

  • Performing regular reviews of enterprise data protection concepts;

  • Processing requests from the data subjects;

  • Communicating with employees, customers, service providers;

  • Communicating with the supervisory authorities;

  • Obtaining consent from the data subjects for the processing of personal data;

  • Carrying out internal data protection audits;

  • Assessing the risks related to data protection precautions;

  • Designing internal procedures to deal with complaints and inquiries.

We are comparing Internal and External DPO.