Data Protection Officer
05 April 2019
Modified: 02 October 2023
Reading time: 2 minute(s)
Pursuant to Sections 25/L to 25/N of Act CXII of 2011 on informational self-determination and the freedom of information and Articles 37 to 39 of Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR), the NRDI Office employs a Data Protection Officer (DPO).
Particulars of the DPO:
- Name: Dr Gyula Csaba Gór
- Address: NKFIH, 1077 Budapest, Kéthly Anna tér 1.
- Mailing address: 1438 Budapest, Pf. 438
- Telephone: +36 20 480 4365
- Email: adatvedelmitisztviselo@nkfih.gov.hu
Responsibilities of the DPO:
Participates in the fulfilment of data processing and data protection tasks related to the activity of the NRDI Office as controller or processor. Continuously monitors compliance with the legal rules governing the processing of personal data and with data processing and privacy principles; promotes the enforcement of the rights of data subjects; investigates the complaints of data subjects; and prompts the controller or the processor to take appropriate measures to remedy the complaint. Fulfils these responsibilities under the direct control of the President of the NRDI Office.
Particular responsibilities of the DPO:
- Updates the employees of the NRDI Office and other participants in data processing operations on the legal requirements of personal data processing, and advises them on how to comply with such requirements.
- Continuously monitors compliance with the legal requirements of personal data processing, including in particular laws and internal data protection and security regulations, and, more specifically, monitors the implementation of the clear assignment of data processing responsibilities, the data protection training and awareness raising of employees participating in data protection operations, and the inspections to be performed on a regular basis.
- Promotes the exercise of data subjects’ rights in particular through investigating their complaints and prompting the controller or the processor to take appropriate measures to remedy such complaints.
- Provides professional advice for the performance of and monitors the data protection impact assessment.
- Cooperates with organisations and persons competent to conduct procedures in relation to the lawfulness of data processing, in particular through communicating the National Authority for Data Protection and Freedom of Information to facilitate preliminary consultations and the procedures to be conducted by the Authority.
- Participates in the development of the internal data protection and security regulations.
Updated: 02 October 2023