Company fined 50.000 euros for having an in-house Data Protection Officer with a conflict of interest
- 13 May 2020
- Conferences & Publications
In its decision 18/2020 of 28 April 2020, the dispute chamber of the Belgian Data Protection Authority fined a company because its head of compliance, audit and risk also assumed the role of the organization’s Data Protection Officer (DPO). According to the dispute chamber, this combination of roles creates a conflict of interest and therefore constitutes an infringement of Article 38 (6) GDPR.