Article 41
DPO or Person in Charge of Personal Data
The controller shall appoint the controller for the processing of personal data.
- 1 The identity and contact information of the person in charge shall be disclosed publicly, clearly and objectively, preferably on the controller's website.
- 2. The activities of the person in charge consist of:
- I - accept complaints and communications from the holders, provide clarifications and adopt measures;
- II - receive communications from the national authority and adopt measures;
- III - advise the entity's employees and contractors regarding the practices to be taken in relation to the protection of personal data; and
- IV - perform the other duties determined by the controller or established in complementary rules.
- 3. The national authority may establish complementary rules on the definition and attributions of the person in charge, including hypotheses of exemption from the need for his appointment, according to the nature and size of the entity or the volume of data processing operations.
- 4 (Vetoed).