| Ti | = | Article 38 - Position of the data protection officer |
|
| 1.sec | = | The {_controller} and the {_processor} shall ensure that the data protection officer is involved, properly and in a timely manner, in all issues which relate to the protection of {_personal_data}. |
|
| 2.sec | = | The {_controller} and {_processor} shall support the data protection officer in performing the tasks referred to in Article 39 by providing resources necessary to carry out those tasks and access to {_personal_data} and {_processing} operations, and to maintain his or her expert knowledge. |
|
| 3.sec | = | The {_controller} and {_processor} shall ensure that the data protection officer does not receive any instructions regarding the exercise of those tasks. He or she shall not be dismissed or penalised by the {_controller} or the {_processor} for performing his tasks. The data protection officer shall directly report to the highest management level of the {_controller} or the {_processor}. |
|
| 4.sec | = | {_data_subjects} may contact the data protection officer with regard to all issues related to {_processing} of their {_personal_data} and to the exercise of their rights under this Regulation. |
|
| 5.sec | = | The data protection officer shall be bound by secrecy or confidentiality concerning the performance of his or her tasks, in accordance with Union or Member State law. |
|
| 6.sec | = | The data protection officer may fulfil other tasks and duties. The {_controller} or {_processor} shall ensure that any such tasks and duties do not result in a conflict of interests. |
|
| = | [G/Z/ol/s6] |
|
/Docs/G/EU-GDPR-Law-CmA/Sec/Article/38.md