DPO As A Service
Data Protection & Security Experts
Freelance DPO
Does your organisation act as a data controller and are you obliged to appoint a DPO? DPO Associates has the certified DPOs in-house to communicate with the supervisory authorities as an intermediary.
GAP-Analysis
DPO-associates also conducts GAP-Analyses if you want to take your GDPR-Compliance to the next level. We perform an Analysis both on EU GDPR and implementation of ISO27001 Standards.
DPIA
In public procurement, developing new applications or processing sensitive personal data, conducting a DPIA will be a great added value. During a DPIA, we will calculate the risks, probability and likelihood of a data breach occuring.
GDPR-online
DPO Associates prepares your GDPR file according to the documentation requirement, provides recommendations both legal and IT-Technical and monitors annually. In addition, DPO Associates acts as an advisor to data subjects such as staff, customers, patients and third-party processors.
EU GDPR Representative
Organisations located outside the European Economic Area that offer goods and/or services within the European Union or operate additional branches in the Union are required to appoint an EU GDPR representative. DPO associates can act as your representative in Europe.
ISO 27001 Implementation
The ISO/IEC 27001 standard provides companies with guidance on how to establish, implement, maintain and continuously improve an information security management system. DPO Associates will assist you in drafting your information security policy.
Freelance DPO
Does your organisation act as a data controller and are you obliged to appoint a DPO? DPO Associates has the certified DPOs in-house to communicate with the supervisory authorities as an intermediary.
GAP-Analysis
DPO-associates also conducts GAP-Analyses if you want to take your GDPR-Compliance to the next level. We perform an Analysis both on EU GDPR and implementation of ISO27001 Standards.
DPIA
In public procurement, developing new applications or processing sensitive personal data, conducting a DPIA will be a great added value. During a DPIA, we will calculate the risks, probability and likelihood of a data breach occuring.
GDPR-online
DPO Associates prepares your GDPR file according to the documentation requirement, provides recommendations both legal and IT-Technical and monitors annually. In addition, DPO Associates acts as an advisor to data subjects such as staff, customers, patients and third-party processors.
EU GDPR Representative
Organisations located outside the European Economic Area that offer goods and/or services within the European Union or operate additional branches in the Union are required to appoint an EU GDPR representative. DPO associates can act as your representative in Europe.
ISO 27001 Implementation
The ISO/IEC 27001 standard provides companies with guidance on how to establish, implement, maintain and continuously improve an information security management system. DPO Associates will assist you in drafting your information security policy.
Deontology of the data protection officer
The DPO is subject to professional secrecy and has access to all systems where personal data may have been stored. The DPO provides information and advice within the organisation on GDPR.
The DPO works independently and does not perform any other functions in the company. this is to eliminate conflicts of interest in the case of a dispute.
the Group 29 (currently known as EDPB) has stated that the DPO must never hold a position that requires him or her to determine the purposes or means of processing personal data. In other words, the DPO may not exercise any decision-making power within a company.
The DPO answers questions from data subjects, is listed on the controller’s website and can be contacted using a separate DPO e-mail address within the organisation.
The DPO works under his/her own authority and reports to the most senior manager(s).


DUTIES OF THE DPO
A DPO is an expert in data protection and verifies that your company processes all personal data correctly according to GDPR legislation.
Therefore, the DPO’s main task is to provide recommendation regarding the preparation of a legal and IT GDPR file for an organisation.
As a professional, the DPO will provide assistance in the preparation of a register of processing, an information security policy, in the drafting of privacy statements. In addition, the DPO can also conduct an internal audit.
WHEN WILL APPOINTING A DPO BE MANDATORY?
Article 37 of the GDPR states that the appointment of a DPO is mandatory in the following specific cases:
- Data processing is carried out by a public authority or public body, regardless of the data they process, except in the case of courts in the exercise of their judicial functions; (37.1(a));
- The core tasks of the controller or processor consist of processing operations which, by their nature, their scope and/or their purposes, require regular and systematic observation on a large scale of data subjects; (37.1(b));
- The core tasks of the controller or processor consist of large-scale processing of special categories of data under Article 9 and of personal data relating to criminal convictions and offences referred to in Article 10 (37.1(c)).
- Belgian national law adds as a fourth category: anyone processing data on behalf of the Federal Government. Those wishing to compete for data-related tenders will therefore also have to appoint a DPO.
If your organisation does not fall under one of these categories, it may be useful to voluntarily appoint a DPO to improve GDPR compliance and avoid the occurrence of a data leak.