Data protection officer (Dpo)

The Data protection officer (DPO) is a professional role required and regulated by the General Data Protection Regulation (GDPR, Chapter IV. Art. 37-39): as a public institution, the National Research Council of Italy is legally obliged to appoint a DPO.

The duties of a Data Protection Officer include:

to monitor compliance with GDPR, also evaluating risks and impact assessment of processing of personal data, with regard to the nature of the processing, context and scopes;
to cooperate with the controller/processor, where requested, in order to effectively conduct a Data Protection Impact Assessment (DPIA);
to inform and advise the controller/processor and their employees who carry out data processing of their obligations pursuant to the GDPR and other data protection provisions;
to cooperate with the National Supervisory Authority (Garante per la Protezione dei Dati Personali) and act as a contact point for every issue related to a processing of personal data;
to support the controller/processor in every task related to the processing of personal data, also referring to the maintaining of the record of processing activities.

The appointed DPO of the National Research Council of Italy is ing. Roberto Puccinelli, email: dpo@cnr.it.

Documenti

Provvedimento del direttore generale n. 91/2023 del 04/07/2023 di nomina del Responsabile della Protezione dei Dati personali

Last update: 29/11/2023