Skip main navigation
You are at: Home>Certification>Persons Certification–DPO
Persons Certification- Data Protection Officer

Persons Certification- Data Protection Officer

Persons Certification

The General Data Protection Regulation, in force since April 2016 and mandatory as of May 25, 2018, requires a guarantee and accreditation of compliance through responsible management.

The Regulation introduces the position of Data Protection Officer (DPO - also referred to as DPDs in Spain), who assumes the supervision and coordination of compliance with the Regulation. This person must be assigned on the basis of his/her professional qualities, theoretical and practical knowledge, and capacity to perform the functions indicated in the Regulation.

Furthermore, Organic Law 3/2018, of 5 December, on Personal Data Protection and guarantee of digital rights, which became effective on 7 December 2018, adapts the GDPR to the Spanish legal system and, among other aspects, specifies organizations where the designation of a Data Protection Officer is mandatory.

This figure will be mandatory in:

  • Authorities and public bodies
  • Companies that deal with large-scale sensitive data
  • Companies that monitor people systematically and on a large scale
  • Insurers, financial and investment institutions, educational centres, information society service providers, and so on.

The publication of the Spanish Data Protection Agency's Certification Outline, firmly shows that the Agency is committed to the Certification of DPDs, as a guarantee of their fulfillment of responsibilities, for companies which establish the new Regulation. 

In order to become certified, these professionals should fulfill the requirements established in the outline with regard to their experience and training received, and should take the examination conducted by an accredited body.

Data Protection Officer Certification

The Spanish Data Protection Agency (AEPD) has promoted the development of certification for Data Protection Officers, to offer security and reliability to both privacy professionals and companies and other entities that will incorporate this figure into their organisations, or need to hire the services of a qualified professional.

AENOR INTERNACIONAL SAU is a certification body accredited by ENAC with accreditation no. 25/C-PE035, in accordance with the Certification Scheme: Data protection (Scheme Owner: Spanish Data Protection Agency).

Recognition of Training Activities
Recognition of Training Activities

In accordance with the provisions of the AEPD Certification Outline, Training Entities who want to provide recognised training under this outline must request prior recognition of the training programmes from an accredited certification body.

All you need to know about DPO certification