Tasks of the data protection officer
1. The data protection officer shall have at least the following tasks:
- (a) to inform and advise the controller or the processor and the employees who carry out processing of their obligations pursuant to this Regulation and to other domestic law relating to data protection;
- (b) to monitor compliance with this Regulation, with other domestic law relating to data protection and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;
- (c) to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;
- (d) to cooperate with the Commissioner ;
- (e) to act as the contact point for the Commissioner on issues r elating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter.
2. The data protection officer shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.
Important note about UK GDPR recitals
Recitals to the GDPR are saved into UK domestic law and apply to the interpretation of the UK GDPR. However, they have not been amended upon saving. This may mean that some recitals are no longer relevant if the corresponding provisions have not been retained in UK domestic law. (Tell me more.)