The Data Protection Officer is responsible for:
- informing and advising the data controller, the processing entity and the employees who process personal data on their obligations under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as: GDPR (OJ EU. L. of 2016, No. 119, item 1) and other European Union or Member State legislation on data protection and advising them on this matter;
- monitoring compliance with the GDPR, other European Union or Member States data protection legislation and the policies of the controller or the processing entity in the field of personal data protection, including the allocation of responsibilities, awareness-raising activities, training of personnel involved in processing operations and related audits;
- providing recommendations upon request for data protection impact assessments and monitoring their implementation in accordance with Article 35 of the GDPR;
- cooperating with the supervisory authority;
- acting as the contact point for the supervisory authority on processing matters, including prior consultation as referred to in Article 36 of the GDPR, and, where appropriate, consulting on any other matter.