Job profile
Data protection officers (m/w/d)

Data protection is now mandatory for all companies which have a web site or use personal data in any other way. In order to implement data protection obligations efficiently, data protection officers are now indispensable within the company. They are the point of contact for legal data protection issues and provide clarification of the data protection obligations, and they also provide support in solving specific problems. As well as providing employers, employees and the works council with internal support, they also provide training with regard to the data protection requirements of the respective area. Data protection officers are also the first point of contact within the company for external customers, suppliers and contract partners.

The overall work of data protection officers is intended to protect personal data. They therefore work instruction-free, but are also not authorized to issue instructions. This means that they are not personally responsible for making the decisions concerning the implementation of the data protection regulations. The responsibility always lies with the so-called controller, i.e. the "... natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data." (GDPR, Article 4).

Data protection officers have a considerable amount of responsibility within companies. Because the requirements are strict, new reporting obligations apply in the event of data breaches. The possible consequences of failure to comply with the data protection regulations include compensation claims, penalties and damage to the company's image, which must not be ignored.

The tasks of a data protection officer at a glance:

• Monitoring of compliance with the data protection regulations
• Analysis and optimisation of business processes and IT security with regard to the processing of personal data
• personenbezogener Daten analysieren und optimieren
• Preparing assessments
• Checking of contracts with service providers
• Drawing up corporate guidelines
• Communicating with authorities
• Carrying out a data protection impact assessment
• Production of the list of processing activities
• Providing employees with training about data protection law
• Involvement in employee monitoring
• Giving advice to the works council

There is no legally binding training for carrying out the activities of a data protection officer. However, certification is important for the employer. Because this must be produced as soon as violations occur. Regardless of this, anyone with sufficient specialist knowledge can become a data protection officer in principle. This means that the data protection officer must have relevant practical knowledge of the current laws, judgements and regulations.

The position is often occupied by lawyers and IT experts with appropriate additional qualifications. Particularly due to the fact that there is no special training or field of study for data protection officers, the following soft skills are essential in addition to knowledge of the applicable regulations and the correct implementation thereof:

• The ability to explain legal matters in a comprehensible way
• Solution orientation
• Capable of working in a team
• Assertive
• Social skills
• Independence

Data protection officers start with a comparatively low gross annual salary of €24,000. However, over the course of the years the average salary may already have risen to €33,000, and in major companies the salary may even be as high as €60,000 per annum. Self-employed data protection officers usually charge an average hourly rate of €120.

The opportunities for obtaining a position as a data protection officer are very good. There is currently a shortage of experts with the specialist knowledge that is required. This is because public bodies and private companies have only had to employ their own data protection officers since the GDPR came into force in May 2018. The relevance of data protection is on the increase, and therefore also the demand for qualified data protection officers.

Data protection becomes essential as soon as a company starts to process personal data, be it in the HR area or in marketing. And so does the job of the data protection officer. Be it in management consulting, online shops, handicraft enterprises or hotels, and also in gastronomy, care, IT services or even in kindergartens – the protection of personal data must be guaranteed.

As broad as your options are with regard to your choice of industry as a data protection officer, so are our options for binding you more or less firmly to your new employer. We can check together which contract model is the best match for you and your current situation. Be it in permanent employment, freelance work, temporary employment or our workforce management. Let's check together which contract model is the most suitable for you.

We can find competent data protection officers who match a company with their professional and personal qualifications very easily. The basis for this is our innovative "Find & Engage" concept. We use databases, search networks and a close relationship with our candidates to create applicant profiles which allow our recruiters to find the best candidate for every vacancy. We can network applicants with suitable companies within a very short time, and invite them to get to know each other. In doing so, we take the interests and priorities of the applicants just as much into consideration as the interests and priorities of our companies. As soon as a perfect match has been found, the introductory talks have taken place in an optimal way, and both parties are sure that good cooperation is possible, we coordinate all of the relevant framework conditions. Applicants can be hired directly by the company or by means of temporary employment via Hays.