EU GDPR

Data Protection Officer as-a-service



EU General Data Protection Regulation

The General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years - we're here to make sure you're prepared.

Article 37 Designation of the data protection officer

Both the controller and the processor must designate a data protection officer (DPO) where "the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale", requiring a DPO.

Gambling companies are reporting entities for the purpose of Anti-Money Laundering & Counter-Financing of Terrorism (AML/CFT). As reporting entitiies gambling companies' core activities must process data which "require regular and systematic monitoring of data subjects on a large scale".
The GDPR requires the DPO is suitably capable (The data protection officer shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability to fulfil the tasks...). Governance Associates have a Certified GDPR Foundation consultant with decades of gambling experience.

Article 38 Position of the data protection officer

Both the controller & processor must:

* ensure active involvement of the DPO; and

* provide necessary resources!

Governance Associates provide cost effective, DPO-as-a-service options for gambling companies.

Compliance * (GDPR + gambling + ISMS + AML/CFT) = compliance-as-a-service

Compliance in the gambling industry can be an expensive undertaking. Governance Associates provide expert, cost effective compliance-as-a-service practitioners.