Contact Details
Tel: +44 (0) 845 051 0361
Fax: +44 (0) 845 280 1501

Acuity Group Limited
Tower 42
25 Old Broad Street
London EC2N 1HN
United Kingdom

eData Protection Officer


5 Key Messages
to accelerate Success
In your compliance journey

Get instant access to our free guide now to learn the secrets to building an effective and successful compliance program in your business

eData Protection Officer

Primary Responsibilities

Working closely with data protection authorities as their contact inside the organisation and helping to ensure compliance.

Training staff on proper data handling practices

Maintaining knowledge of changes in law and technology

Building, implementing and managing privacy programs.


Risk and Technology: Experience assessing risk and best practice mitigation

Management System / Framework: Practical experience in designing and building management systems for the full operational life cycle.

Legal expertise and independence: Knowledge of EU legislation plus all relevant jurisdictions (including outsourcing activities / supplier services)

Cultural/Global: Interpersonal skills, flexibility and ability to effectively communicate with relevant business functions (Legal, IT, HR, Marketing etc.)

Leadership: Leadership and program management experience, and to manage own professional development Independent / Board Level: Ability to fulfil the role autonomously

Communication: Ability to speak in a ‘common language’ of the average employee and external data subject, to handle requests and complaints, and to help others assist data subjects.

Conflict management: Provide advice and guidance, avoiding conflict with internal management roles wherever possible

Primary eDPO Functions

Working with regulators: The DPO should be acquainted with relevant regulations (in jurisdictions where the organisation does business) and have a positive working relationship with them.

Accessibility to data subjects: The Article 29 Working Party has stressed the importance of DPO’s being available to answer data subject’s questions.

Assessing privacy risk: It is not the eDPO’s role to carry out privacy impact assessments, however the eDPO must monitor them and provide the controller with advice on them, including when to conduct one, methodology, whether to outsource it, selecting safeguards/controls, and ensuring compliance.

eDPO dismissal and penalties: An eDPO may not be penalised for performing DPO-related duties.

Acuity GRC consultancy services

Acuity GRC SaaS Products

Almost there,
Just 1 final step... Get Your Free Guide

'5 Key Messages
to Accelerate Success'

We hate SPAM (every bit as much you probably do!) and promise to keep your email address safe!