Data protection officer

The EU General Data Protection Regulation (GDPR) mandates that an organization must appoint a data protection officer (DPO) under three conditions: it is a public authority, it engages in systematic monitoring of people, or it processes sensitive personal data on a large scale.

We would like to remind you that the DPO, who is designated for the local company, would be the contact person for the supervisory authority and for the data subjects. This means that intense and thorough communication between parties would be in local language. The language of public administration, but also the communication with public and data subjects shall be in Estonian according to the Estonian Language Act.
Please also include DPO’s personal ID or date of birth and citizenship.

The easiest way to report about Data Protection Officer is to do it through the e-Business Register. The notice can be entered in the register by a person who is represented in the register and has the legal representation right (board member). In this case, it is not necessary to send a separate notice to the Data Protection Inspectorate. If that not possible - you can send us a notification via regular mail or digitally (if the said digital signature is valid according to EIDAS regulation - regulation (EU) no 910/2014 of the European Parliament and of the Council).
Proceeding will be in Estonian. More information about Data protection officer.

Last updated: 29.01.2024