DPO and GDPR flowchart

1. Do you have a flowchart diagram for GDPR implementation similar to the one attached to this email (for ISO 27K1) ?

No, the flowchart is not needed since the GDPR toolkit you purchased gives you the exact steps you should follow in the implementation - the numerated folders in the toolkit are the implementation steps. The best document for managing the project is found in the directory 01_Preparations_for_the_Project, called Project Plan.

2. I am working for a firm which does not perform a lot of personal data processing and hence, does not need a DPO. In the toolkit what or who should I replace DPO with? as the DPO role is used all across the toolkit.

You can replace the Data Protection role with the person responsible for data protection in your organization, like the Privacy Manager, the Compliance Manager or even the IT Manager. The DPO role is very formal, it has specific requirements. However, even if you don’t need a DPO, you should have in your organization a go-to person in case there are questions from data subjects or data protection authorities. A person that can assist with guidance related to GDPR-compliance issues. That person should be referenced in the documents.

Please consult these links as well:

• The role of the DPO in light of the General Data Protection Regulation: https://advisera.com/eugdpracademy/knowledgebase/the-role-of-the-dpo-in-light-of-the-general-data-protection-regulation/
• 9 steps for implementing GDPR: https://advisera.com/articles/9-steps-for-implementing-gdpr/
• EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course/
• EU GDPR Data Protection Officer Course: https://advisera.com/training/eu-gdpr-data-protection-officer-course/