Data Protection Officer

Some organisations, for instance those whose core activities involve regular and systematic monitoring of personal or sensitive data on a large scale as well as public sector organisations, have to appoint a Data Protection Officer (hereafter “DPO”) to ensure compliance with the General Data Protection Regulation.

In a nutshell, the DPO provides advice and guidance about data protection to University staff and management and is the contact person for the Luxembourg data protection authority, the National Commission for Data Protection (CNPD). The DPO also organises regular training sessions.

The University has developed its own rules on the role of the DPO and how to implement the GDPR; these are laid down in its Data Protection Policy. The University of Luxembourg has appointed Sandrine Munoz as DPO.

The existing data protection rules applicable to the University are being reformed to be brought in line with the General Data Protection Regulation. The new rules are designed to make institutions more accountable in the way they process personal data.