Organizations that process data, regardless of whether they are located in the EU, may need to appoint a Data protection officer to monitor internal compliance with the GDPR. Additionally, organizations that are located outside of the EU and are regulated by the GDPR need to appoint an EU representative.
Data protection officer
The GDPR outlines three cases in which controllers need a DPO:
1. The controller is in the public sector
2. The controller regularly or systematically monitors data on a large scale
3. The controller processes sensitive data on a large scale (Article 37).
Having a OnceHub account does not necessarily mean that your organization needs to appoint a DPO. You should examine your organization’s core activities to determine whether you meet one of the three cases that would require an appointment of a DPO. That said, appointing a DPO could be very beneficial to your business even if it is not required. As an impartial party, a DPO can help your organization ensure all processing activities are conducted in a GDPR compliant manner. Your DPO can either be an employee of your organization, or be retained as a contracted service.
Do organizations using OnceHub need a DPO?
If your organization is not located in the EU, the GDPR requires that you appoint an EU representative to ensure compliance and represent your organization to the supervisory authority in the EU member states. Your organization may need to appoint an EU representative if you process data on a large scale and are in the private sector (Article 27).
The contact details of your DPO and EU representative must be readily available to data subjects, processors and the relevant supervisory authority. To ensure compliance, OnceHub requires that you provide this information in your account settings.
Providing contacts to OnceHub
Steps to add contact information about your DPO and EU representative to your OnceHub account
To provide OnceHub with the contact details of your DPO and EU representative, follow these steps:
1. Sign in to your OnceHub Administrator account. In the left sidebar, navigate to Account -> Privacy- > GDPR information (See Figure 1).
2. Fill in the information regarding your DPO and EU representative.
You’re all set! This information can be edited at any time.