Rafael Rojas Cunha has been appointed Data Protection Officer (DPO) at MATH Group
Posted: Sun Dec 22, 2024 6:38 am
Rafael Rojas Cunha, Infrastructure & Systems Manager at MATH Group , has been appointed Data Protection Officer (DPO). With over twenty years of experience in the IT area, Rafael's career was based on the segment, having graduated as a Computer Network Technologist from the Lutheran University of Brazil (ULBRA), with a specialization in Computer Networks also from ULBRA, and also holds a Data Protection Officer (DPO) certification from Assespro/RS.
What is a Data Protection Officer (DPO)?
The DPO is a person (natural or legal) dedicated to complying with data protection standards/best practices and respecting privacy in the company. Their appointment is usually required by the most recent laws in this field, including the General Data Protection Law (LGPD), which preferred to adopt the term “Manager”.
Their performance presupposes extensive knowledge of the business and independence to formulate recommendations that protect the privacy of the holders of the data processed in the company.
It is advisable to appoint a DPO per company, whose name and contact details must be publicly singapore phone number example disclosed, establishing a secure communication channel with him/her.
What are the main duties of a DPO?
The DPO's activities basically consist of:
Receive requests, complaints and communications in general from holders of personal data, addressing them, providing clarifications and enabling the exercise of their rights;
Be a point of contact with the inspection authorities, endorsing the practices adopted by the company, providing accounts and responding to any requests;
Ensure that records of personal data processing operations carried out by the company are maintained;
Prepare Data Protection Impact Reports (DPIR) to assess the risk in the use of personal data and the company's regulatory compliance, especially in the development of new products, services and practices (Privacy by Design);
Conduct internal audits and proactively establish compliance and risk prevention strategies involving personal data;
Guide and train company employees regarding best practices for protecting personal data;
Take response measures to incidents involving the leak or theft of personal data, including reporting to the authorities or respective data subjects.
Who can be a DPO?
The chosen individual/company must have (or develop) the following requirements:
legal-regulatory knowledge about legislation and best practices in personal data protection, with an emphasis on LGPD;
technical knowledge about the company's databases and Information Technology and Information Security structure;
detailed knowledge of the company and its business model, with access to the highest level of each management;
knowledge of compliance and compliance practices;
independence of action, avoiding the occurrence of conflicts of interest.
For more information about the processing of personal data at MATH Group, please contact
What is a Data Protection Officer (DPO)?
The DPO is a person (natural or legal) dedicated to complying with data protection standards/best practices and respecting privacy in the company. Their appointment is usually required by the most recent laws in this field, including the General Data Protection Law (LGPD), which preferred to adopt the term “Manager”.
Their performance presupposes extensive knowledge of the business and independence to formulate recommendations that protect the privacy of the holders of the data processed in the company.
It is advisable to appoint a DPO per company, whose name and contact details must be publicly singapore phone number example disclosed, establishing a secure communication channel with him/her.
What are the main duties of a DPO?
The DPO's activities basically consist of:
Receive requests, complaints and communications in general from holders of personal data, addressing them, providing clarifications and enabling the exercise of their rights;
Be a point of contact with the inspection authorities, endorsing the practices adopted by the company, providing accounts and responding to any requests;
Ensure that records of personal data processing operations carried out by the company are maintained;
Prepare Data Protection Impact Reports (DPIR) to assess the risk in the use of personal data and the company's regulatory compliance, especially in the development of new products, services and practices (Privacy by Design);
Conduct internal audits and proactively establish compliance and risk prevention strategies involving personal data;
Guide and train company employees regarding best practices for protecting personal data;
Take response measures to incidents involving the leak or theft of personal data, including reporting to the authorities or respective data subjects.
Who can be a DPO?
The chosen individual/company must have (or develop) the following requirements:
legal-regulatory knowledge about legislation and best practices in personal data protection, with an emphasis on LGPD;
technical knowledge about the company's databases and Information Technology and Information Security structure;
detailed knowledge of the company and its business model, with access to the highest level of each management;
knowledge of compliance and compliance practices;
independence of action, avoiding the occurrence of conflicts of interest.
For more information about the processing of personal data at MATH Group, please contact