Boring Legal Q: DPO in Germany

This is a really, REALLY dull question - and I should probably know the answer.

Can someone please tell me where I can find the legislation or guidance that if appointing a DPO in Germany, they must speak German and be in Germany?

The issue I have is why they have to be in Germany, not speak German (which I do understand), FYI.

Thanks in advance.

Does the "O" stand for orifice?

Onanist, surely?

It's Officer, you clowns.

Double Penetration Officer.

Heeheeheehee

one of the perks of my job is i get to turn up to meetings all over europe and insist they speak english regardless.

group DPO doesnt need to be in germany?

and lead authority doesn't need to be germany just because you touch the market

their usual wheeze is it doesn't technically need to be in germany. just doing the role will be entirely dependent on resources that are only accessible within germany

under-the-radar the most protectionist country in europe

they dont need to speak German nor do they need to be in German. It can be anyone adequately skilled to fill the role.

@Geoff - interesting because that's exactly what I thought. But I am being told by a large regional firm in the UK, that it must be a german speaking "local"...

Clubbers - I wish we did that here.

Tell them a large international firm says otherwise - https://resourcehub.bakermckenzie.com/en/resources/data-privacy-securit…

I wonder if they're conflating the rules regarding lawful intercept in Germany?

I'm not sure if the not need to speak German is quite as clear cut.

Depending on the organisation involved, speaking German may be considered a qualification requirement (if the other people the DPO needed to work with spoke only German, for example)

Art. 37 DSGVO

Benennung eines Datenschutzbeauftragten

2 Eine Unternehmensgruppe darf einen gemeinsamen Datenschutzbeauftragten ernennen, sofern von jeder Niederlassung aus der Datenschutzbeauftragte leicht erreicht werden kann.

The DPO needs to be easily accessible for the German brach. So should have a phone and e-mail.

The DSGVO is actually absolutely silent on language skills. It only says that the DPO should be capable of performing the tasks of the DPO (this is in Art 39). Art. 39 decribed the tasks, but does not give as a prerequisite of the DPO having any German skills.

But I will do it for you as a side gig.

If (big if) they have to be in Germany then yes.

I think I t’s bog standard for EU regulators to expect the EU DPO to speak the language of the relevant authority

But if they don’t need a German based one why not have an EU DOO rep somewhere more English friendly like the Netherlands

DPO

Refresh Back to board

Discussion

Join the discussion