Skip main navigation
You are at: Home>Certification>Persons Certification–DPO
Persons Certification- Data Protection Officer

Persons Certification- Data Protection Officer

Persons Certification


The General Data Protection Regulation, in force since April 2016 and mandatory as of May 25, 2018, requires a guarantee and accreditation of compliance through responsible management.

The Regulation introduces the position of Data Protection Officer (DPO - also referred to as DPDs in Spain), who assumes the supervision and coordination of compliance with the Regulation. This person must be assigned on the basis of his/her professional qualities, theoretical and practical knowledge, and capacity to perform the functions indicated in the Regulation.

Furthermore, Organic Law 3/2018, of 5 December, on Personal Data Protection and guarantee of digital rights, which became effective on 7 December 2018, adapts the GDPR to the Spanish legal system and, among other aspects, specifies organizations where the designation of a Data Protection Officer is mandatory.

This figure will be mandatory in:

  • Authorities and public bodies
  • Companies that deal with large-scale sensitive data
  • Companies that monitor people systematically and on a large scale
  • Insurers, financial and investment institutions, educational centres, information society service providers, and so on.

In February, due to the development of the requirements of the accredited Delegates of Data Protection certification scheme, AENOR decided to definitively abandon the DPD certification activity.


Data Protection Officer Certification

The Spanish Data Protection Agency (AEPD) has promoted the development of certification for Data Protection Officers, to offer security and reliability to both privacy professionals and companies and other entities that will incorporate this figure into their organisations, or need to hire the services of a qualified professional.


Recognition of Training Activities
Recognition of Training Activities

In accordance with the provisions of the AEPD Certification Outline, Training Entities who want to provide recognised training under this outline must request prior recognition of the training programmes from an accredited certification body.


All you need to know about DPO certification

DPO-data-protection