The post of the Data Protection Officer (DPO) is established by Article 17 of the Eurojust Decision. The DPO is a specially appointed member of the Eurojust staff, entrusted with the main task of ensuring, in an independent manner, lawfulness and compliance with the provisions of the Eurojust Decision concerning the processing of personal data and any other applicable rules. In the performance of the duties referred to in the Eurojust Decision, the DPO acts independently.
The DPO carries out the following tasks:
- ensures, in an independent manner, lawfulness and compliance with the provisions of the Eurojust Decision concerning the processing of personal data;
- ensures that each transmission and receipt of information is recorded properly and complies with the security conditions;
- ensures that data subjects are informed of their rights under the Decision at their request.
In the performance of her tasks, the DPO has access to all the data processed by Eurojust and to all Eurojust premises.
The DPO is an internal auditor of the organisation, but not only that. Any Eurojust post-holder may report an alleged breach of the provisions governing the processing of personal data with the DPO, or ask the DPO for any kind of advice on matters related to data protection and data processing. In case of an alleged breach, the DPO will carry out the investigation in close cooperation with all involved parties.
The DPO is at Eurojust since November 2003 and plays a fundamental role in internal control of data protection compliance within the organisation.