When it comes to the correct processing of personal data and compliance with the GDPR rules in a given company or organisation, it is the Danish Data Protection Agency that supervises and must ensure that everything is done correctly.
Who is the Data Protection Authority?
The Danish Data Protection Agency (Datatilsynet) is the central independent authority in Denmark that supervises compliance with data protection rules in organisations and authorities
The Danish Data Protection Agency is a supervisory authority responsible for ensuring that data protection rules are followed. The Danish Data Protection Agency advises and guides organisations on personal data security, handles complaints about breaches of the GDPR and carries out inspections of authorities and companies.
The Danish Data Protection Agency also offers guidance on GDPR to individuals and small businesses through its website, which includes a podcast on GDPR
The tasks, functions and duties of The Danish Data Protection Agency are statutory and derive from the Data Protection Act, the GDPR, the Law Enforcement Directive, the Law Enforcement Act and the Television Surveillance Act.
What are the functions of The Danish Data Protection Agency?
The Danish Data Protection Agency as an authority has many functions and they include:
They investigate and deal with complaints from citizens in relation to breaches of GDPR rules.
They conduct investigations related to breaches of GDPR rules to ensure compliance with the rules.
They inform citizens in Denmark about their rights to have their personal data protected under the GDPR.
They help both data controller and data processor in public and private sector organisations to comply with data protection rules through guidance and dialogue.
They inform organisations about how personal data should be protected.
They cooperate with other data protection authorities in the EU.
The structure of The Danish Data Protection Agency
The Danish Data Protection Agency consists of the Data Protection Board (Datarådet) and a Secretariat. The Board primarily decides on cases of a fundamental nature. A case of principle is a case that has a particular public interest or a case where the decision may have an impact on how similar cases are decided in the future.
The Secretariat is responsible for the rest of the tasks of the The Danish Data Protection Agency and for its day-to-day operations. The Danish Data Protection Agency employs around 80 people.
The Danish Data Protection Agency carries out inspections of public authorities
The Danish Data Protection Authority is responsible for supervising authorities and organisations to check that their processing of personal data is carried out in accordance with the rules. The supervisor may examine an organisation's technical and organisational security measures to check that they protect personal data properly.
If a controller, such as an organisation or individual, does not comply with the rules of the GDPR, the supervisor can report the controller to the police and set them a GDPR fine.
The Danish Data Protection Agency Whistleblower Scheme
The Danish Data Protection Agency's external whistleblower scheme can be used by anyone who wants to report serious breaches of law or other types of violations that they have become aware of through their work.
It is possible to report breaches of EU law, information on bribery, harassment, fraud, etc. It is possible to report a wide range of serious matters and not only in relation to data protection law.
The Danish Data Protection Agency has an address at Carl Jacobsens Vej 35 in Valby, and their contact details can be found on their website.
Sofie Meyer is a copywriter and phishing aficionado here at Moxso. She has a master´s degree in Danish and a great interest in cybercrime, which resulted in a master thesis project on phishing.