The responsibilities of the company data protection officer are diverse.
They consist in particular of advising and monitoring with regard to compliance with the requirements and obligations of the GDPR by the data controllers.
Ideally, the data protection officer examines the current status of the data protection level in the company and supports the management in implementing suggestions for improvement.
He has no decision-making power of his own and is merely subordinated to the highest management level of the company.
However, the data protection officer is not bound by instructions when carrying out his work.