Data protection · GDPR

External Data Protection Officer (DPO)

ITSP provides external Data Protection Officer services to organisations subject to the General Data Protection Regulation (GDPR), with a focus on clear governance, documented compliance and a direct line to management.

ITSP, external DPO

Acting as an external Data Protection Officer, ITSP assists organisations in structuring and operating their GDPR framework: identification of obligations, day‑to‑day handling of questions, and support in the event of incidents or regulatory scrutiny.

The service is designed for companies, public bodies and associations that require a DPO under the GDPR or choose to appoint one to secure their data protection practices.

Mandate as External Data Protection Officer

• Formal appointment as external DPO, in accordance with GDPR requirements.
• Independent function, reporting line defined with the organisation’s management.
• Regular access to relevant stakeholders (legal, IT, security, HR, business units).
• Engagement terms adapted to the organisation’s size, sector and risk profile.

Initial discussion

An initial discussion may be arranged to assess whether an external DPO mandate is appropriate for your organisation and to define the expected scope of work.

Contact by email Chat on WhatsApp

Scope of services

Advisory and monitoring

Advising on GDPR obligations, monitoring compliance over time and providing structured feedback to management on identified risks and remediation priorities.

Contact point for data subjects

Handling requests to exercise rights (access, rectification, erasure, restriction, objection, portability) and ensuring responses are documented and consistent with the organisation’s policies.

Liaison with supervisory authorities

Acting as the contact point with supervisory authorities, where required, in relation to data protection matters, investigations or queries.

Governance and documentation

Assisting in the preparation and maintenance of records of processing activities, policies, procedures, DPIAs and incident documentation, in line with regulatory expectations.

Working with your teams

The external DPO function is carried out in close coordination with the organisation’s internal teams. Frequency of meetings, reporting formats and escalation channels are agreed at the outset of the mandate.

Depending on the context, ITSP may intervene on specific projects, on a recurring basis, or as a long‑term point of contact for all questions relating to personal data protection.

For further information regarding an external DPO mandate, please contact: itsp.business@gmx.fr

For written exchanges via WhatsApp (chat only): +32 484 71 57 37.