Appoint a Data Protection Officer (DPO)
Your company/organization needs to appoint a DPO if its core activities involve the use of sensitive data or systematic monitoring, on a large scale. In that respect, monitoring the behavior of individuals includes all forms of tracking and profiling on the internet, including for the purposes of behavioral advertising.
Public administrations must always appoint a DPO (except for courts acting in their judicial capacity).
The DPO may be a staff member of your organization or contracted externally via a service contact. A DPO can be an individual or an organization.
Examples
DPO mandatory
A DPO is mandatory for example when your company/organization is:
DPO not mandatory
A DPO isn’t mandatory if: