As part of the service, the Data Protection Officer monitors the organization’s internal and external context on an ongoing basis and ensures that compliance with legal requirements in the area of data protection is continuously maintained. In addition, it informs the Administrator and its employees of required changes to the data protection system maintained in the organization.

The intricacy of regulations related to the protection of personal data and the fact that this data appears in almost every area of the Organization’s activities generates many doubts. As part of the proposed service, the IOD responds to employees’ questions and concerns on an ongoing basis and helps resolve problems related to the processing of personal data

As part of the service provided, Blue Energy Consultants perform a security audit at least once a year to verify how requirements under applicable legal requirements in the area of personal data protection, internal policies that have been implemented in the Organization, as well as approved codes of conduct and industry requirements are met.

As part of the service provided, the Supervisor is responsible for overseeing the data protection impact assessment process, appointing individuals to carry out the risk analysis, training and awareness building in this area, and aggregating and analyzing the results obtained

The inspector is responsible for analyzing and reporting any data protection violations. The role of the Supervisor is to collect reports, properly manage the incident, ensure internal and external communication, including with data subjects and the supervisory authority.

During the adaptation of the organization to the requirements of RODO, as part of incident handling and as a result of internal audits, improvement measures are formulated that should be implemented. The Data Protection Officer supports you in selecting improvement solutions tailored to your organization’s needs.

It is the responsibility of the Data Protection Officer to continuously and effectively build employee awareness in the area of information security. As part of its service, IOD provides traditional training or e-learning training. The inspector is responsible for preparing training materials and informational brochures for employees beginning employment for whom initial training is being conducted.

All persons whose personal data is processed by the organization have the right to, among other things, obtain a copy of their data, the right to withdraw consent to its processing, or the right to be forgotten (RODO art.15-21) (i.e., to have their data deleted). The realization of the aforementioned rights is a major problem for organizations due to the need for substantive verification of applications, unambiguous confirmation of the identity of applicants or tracing data within the organization. If needed, the DPO provides support in the implementation of the above processes. The Inspector serves as the point of contact between the Organization and the President of the Office of Personal Data Protection.

As part of the service, the IOD supports the review of agreements and provisions in contracts entered into, ensuring the application of appropriate legal constructions in the area of personal data protection.

The Data Protection Authority may conduct inspections to verify compliance with the Act. The audit may also be conducted by parties who provide us with personal data through entrustment of processing. The DPO actively participates in such inspection and implementation of follow-up actions.