The Data Protection Officer (DPO) is a specially appointed member of the Eurojust staff. The post-holder is responsible for independently overseeing the application of the data protection rules set out by the Eurojust Regulation as well as the general rules governing EU institutions, and serves as a link between the agency and the European Data Protection Supervisor (EDPS).
As part of the responsibilities of the role, the Data Protection Officer acts as an independent auditor to ensure the rules regarding the processing and storing of personal data are correctly applied by post-holders at all times. To monitor compliance, the DPO carries out regular surveys of personal data processing by Eurojust’s College and administrative units and their staff, and reports their findings to the College of Eurojust and the EDPS. This information is used by the EDPS when carrying out inspections and other supervisory tasks.
In addition, the DPO advises Eurojust staff members on all matters related to data protection and data processing and consults on any alleged rule breaches. If an act of non-compliance is suspected, the DPO carries out an investigation in cooperation with the involved parties. In the event of a breach being discovered, the DPO informs the College and the Administrative Director. If Eurojust is unable to resolve the issue internally, the DPO brings it to the attention of the EDPS.
In addition to liaising with the EDPS, Eurojust’s DPO is in regular contact with other relevant authorities as well as the data protection officers of other European organisations, exchanging views and helping to promote the work of Eurojust. The DPO also keeps a close eye on data protection initiatives at European level, updating Eurojust on any relevant changes or developments.