Phishing simulation Awareness training Data breach detection Pricing About Blog Resources Contact
Get started Log in

What is the Danish Data Protection Agency?

When it comes to GDPR compliance in organisations, it's up to the Danish Data Protection Agency to make sure it's all done properly.

02-09-2022 - 4 minute read. Posted in: gdpr.

What is the Danish Data Protection Agency?

When it comes to the correct processing of personal data and compliance with the GDPR rules in a given company or organisation, it is the Danish Data Protection Agency that supervises and must ensure that everything is done correctly.

Who is the Data Protection Authority?

The Danish Data Protection Agency (cf. Datatilsynet) is the central independent authority in Denmark that supervises compliance with data protection rules in organisations and authorities.

The Danish Data Protection Agency is a supervisory authority responsible for ensuring that data protection rules are complied with. The Danish Data Protection Agency advises and guides organisations on personal data security, handles complaints about breaches of the GDPR and carries out inspections of authorities and companies.

The Danish Data Protection Agency also offers guidance on GDPR to individuals and small businesses through its website, which includes a podcast on GDPR.

The tasks, functions and duties of The Danish Data Protection Agency are statutory and derive from the Data Protection Act, the GDPR, the Law Enforcement Directive, the Law Enforcement Act and the Television Surveillance Act.

What are the functions of The Danish Data Protection Agency?

The Danish Data Protection Agency as an authority has many functions and they include:

  • They investigate and deal with complaints from citizens in relation to breaches of GDPR rules.

  • They conduct investigations related to breaches of GDPR rules to ensure compliance with the rules.

  • They inform citizens in Denmark about their rights to have their personal data protected under the GDPR.

  • They help both data controller and data processor in public and private sector organisations to comply with data protection rules through guidance and dialogue.

  • They inform organisations about how personal data should be protected.

  • They cooperate with other data protection authorities in the EU.

As AI and ChatGPT are used more frequently, the Danish Data Protection Agency's work is becoming even more focused on the digital security and compliance of our newer technology and its use.

The structure of The Danish Data Protection Agency

The Danish Data Protection Agency consists of the Data Protection Board (Datarådet) and a Secretariat. The Board primarily decides on cases of principle. A case of principle is a case that has a particular public interest. It can also be a case where the decision may have an impact on how similar cases are settled in future cases of similar character.

The Secretariat is responsible for the rest of the tasks of the The Danish Data Protection Agency and for its day-to-day operations. The Danish Data Protection Agency employs around 80 people.

The Danish Data Protection Agency carries out inspections of public authorities

The Danish Data Protection Authority is responsible for supervising authorities and organisations to check that their processing of personal data is carried out in accordance with the rules. The supervisor may examine an organisation's technical and organisational security measures to check that they protect personal data properly.

If a controller, such as an organisation or individual, doesn't comply with the rules of the GDPR, the supervisor can report the controller to the police and set them a GDPR fine.

The Danish Data Protection Agency Whistleblower Scheme

The Danish Data Protection Agency's external whistleblower scheme can be used by anyone who wants to report serious breaches of law or other types of violations that they have become aware of through their work.

When it comes to whistleblowing schemes, there are many different schemes for each company. The core of the scheme is that any illegal or immoral incident can be reported. And ultimately, all reports are sent to the Danish Data Protection Agency.

It is possible to report breaches of EU law, information on bribery, harassment, fraud, etc. It is possible to report a wide range of serious matters and not only in relation to data protection law.

The Danish Data Protection Agency has an address at Carl Jacobsens Vej 35 in Valby, and their contact details can be found on their website.

This post has been updated on 19-07-2023 by Sofie Meyer.

Author Sofie Meyer

Sofie Meyer

Sofie Meyer is a copywriter and phishing aficionado here at Moxso. She has a master´s degree in Danish and a great interest in cybercrime, which resulted in a master thesis project on phishing.

View all posts by Sofie Meyer

Similar posts

Cybersecurity compliance: A complete guide
awareness

Cybersecurity compliance: A complete guide

We've created a complete guide for you on cybersecurity compliance - or how to best comply with regulations and laws. Read on and learn more.

09-11-2023 · 7 min.
Crypto heist: A modern-day robbery
cybercrime

Crypto heist: A modern-day robbery

Digital currencies have become increasingly popular among investors as well as hackers. This has led to a new type of "bank" robbery, namely crypto heists.

29-03-2024 · 5 min.
IRM: Cyber incident management
awareness

IRM: Cyber incident management

As we become more reliant on technology, the cyber threat becomes even greater. Here we take a look at IRM and how it can prepare you properly.

20-06-2023 · 5 min.