Data Protection Officer (DPO)

Required under GDPR Article 37 for public authorities + organisations conducting large-scale processing of special-category data. The DPO advises on DPIA scope, monitors compliance, and acts as the contact point with the supervisory authority. In AI deployments, the DPO is typically the first signoff on data-processing aspects of any model.

Framework references

• GDPR Art. 37–39

Relevant Responsible AI Studio tools

• /tools/dpa-generator
• /tools/policy-generator

More governance role terms

• AI Ethics Committee →
• AI Operator (NIST AI RMF) →
• AI Risk Owner →
• Authorised Representative (EU AI Act) →

See the full 80-term glossary →