Compliance Secretariat
The technical back-office that keeps records alive and deadlines met.
Alongside advice and monitoring, the data protection function requires a technical back-office that keeps records alive and deadlines met. The Compliance Secretariat takes on that specialised administrative operation.
It is the discreet work that sustains accountability: the records of processing, the rights and claims desk, the breach register, document control and liaison with the AEPD.
Maintenance of the Records of Processing
Keeping the Article 30 record up to date as processing changes.
Rights and Claims Desk
Receiving, logging and handling rights requests and Article 37 claims.
Breach Register and Calendar
Maintaining the breach register and a calendar of recurring obligations.
Document Control
Version control of policies, notices and processor agreements, with traceability.
Liaison with the AEPD
Preparing the DPO designation, its communication to the AEPD and routine correspondence.
Management Reporting
Preparing the periodic report to management on compliance status.