Some organizations must have a Data Protection Officer (DPO), for others it is optional. A DPO can advise from an independent position on how privacy legislation should be applied in his organization.
Organizations must clearly communicate the contact details of their DPO. Customers and employees must be able to report privacy issues to the DPO quickly and confidentially. It should therefore be easy for anyone who wants to contact the DPO without anyone in between. It is mandatory to provide a direct telephone number, e-mail address, postal address and / or direct contact form with which the DPO can be reached.