- Entity formation
- Entity management
- M&A transaction support
- Private capital & hedge fund core services
- Private capital
- Hedge fund
- Technology solutions
- Other funds services
- SPV corporate services
- Agency services
- Loan administration
- Cross capital market services
- Structures implementation and management
- Private client services
- Reporting services
Explore content
Show all >Featured articles and media

Insights | Corporate Client Services
Voluntary carbon credits bolster green bonds
25 May 2023
Read >
Featured articles and media
Show all media for Private Capital & Hedge Fund Services >Featured articles and media
Show all media for Capital Markets >Featured articles and media
Show all media for Private Clients >Featured events

Events | Virtual
Bankruptcy and Restructuring: Navigating Distress in the Evolving Markets
22 Jun 2023
Learn more >
Events | Virtual
Private Funds Industry Live, Expanding Private Funds in Global Markets
10 Jan 2023
Watch the recording >
Events | Virtual
Private Funds Industry Live, Demystifying Private Capital Funds
6 Dec 2022
Watch the recording >- Home
- Our services
- Corporate Client Services
- Entity formation
- Entity management
- M&A transaction support
- Private Capital & Hedge Fund Services
- Private capital & hedge fund core services
- Private capital
- Hedge fund
- Technology solutions
- Other funds services
- Capital Markets
- SPV corporate services
- Agency services
- Loan administration
- Cross capital market services
- Private Clients
- Structures implementation and management
- Private client services
- Reporting services
- Corporate Client Services
- Our locations
- About us
- News & Insights
- Login
GDPR, The Data Protection Officer: do you need to appoint a dedicated officer?
19 September 2018
The GDPR contains a large section about Data Protection Officer (DPO) requirements: it reads almost like an extensive job description with detailed information on appointment, position and tasks of the DPO. But how do you know if a DPO is mandatory for your organisation and whether you should consider outsourcing the DPO role?
Appointment of a DPO is mandatory for companies who are:
- a public authority
- regularly and systematically monitoring data subjects on a large scale
- processing special categories of data (medical/ethnic)
Think of companies which are state financed or owned with a focus on tracing or monitoring individuals through portable devices; companies with customer loyalty programmes; or organisations in the health care environment.
Even if you don’t meet the mandatory DPO criteria, you can chose to appoint a DPO voluntarily, you might base this decision on on best practice for your specific business sector.
Why outsource your DPO?
Once you’ve decided to appoint a DPO, you might consider whether appointing an external DPO would be more suitable than appointing someone from within your organisation. Outsourcing a DPO can be the best option if you’re searching for a part-time, cost effective solution; if your organisation needs independent expertise; or you want to avoid any possible conflict of interest. An outsourced DPO can provide your organisation with best practice guidance and independent sector expertise to help you comply with the GDPR requirements. By outsourcing the DPO, your organisation can benefit from an independent contact person towards the supervisory authority.
Find out more, get in touch with our experts.