Data Protection Officer
According to Art. 37 Para. 1 lit. a) of the General Data Protection Regulation (GDPR) and Section 13 of the Thuringian Data Protection Act (ThürDSG), all authorities and public bodies are obliged to appoint a data protection officer.
The data protection officer is appointed on the basis of his or her professional qualifications and, in particular, his or her expertise in the field of data protection law and data protection practice, as well as his or her ability to fulfill the tasks specified in § 15 ThürDSG.
These are in particular
- Informing and advising the controller and its employees
- Monitoring compliance with data protection regulations
- Assignment of responsibilities
- Acting as a point of contact for the supervisory authority
- Advice on all other data protection issues
- Raising employee awareness in connection with processing operations
The Data Protection Officer reports directly to the Lord Mayor and is not bound by any instructions regarding the performance of these tasks. He is bound by Union or Member State law to maintain secrecy or confidentiality in the performance of his duties.
Data subjects may consult the data protection officer on any matter relating to the processing of their personal data and the exercise of their rights under this Regulation.
It must be ensured that the data protection officer is properly involved at an early stage in all matters relating to the protection of personal data.