Compliance Library Blog Product Sign In
GDPR-35-02 Human Oversight 35 — Data protection impact assessment

Seek DPO advice when conducting DPIA

Description

The controller must seek the advice of the data protection officer, where designated, when carrying out a data protection impact assessment.

Full Analysis & Evidence Requirements

Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.

Sign In to View

Related Obligations

GDPR-35-01 Risk Management

Conduct DPIA for high-risk processing
GDPR-35-03 Risk Management

Conduct DPIA for systematic automated evaluation with legal effects
GDPR-35-04 Risk Management

Conduct DPIA for large-scale special category data processing
GDPR-35-05 Risk Management

Conduct DPIA for systematic large-scale public area monitoring
GDPR-35-06 Transparency

Establish and publish DPIA-required processing list
GDPR-35-07 Reporting

Communicate DPIA-required list to Board
GDPR-35-08 Transparency

Establish and publish DPIA-exempt processing list
GDPR-35-09 Reporting

Communicate DPIA-exempt list to Board
GDPR-35-10 Data Governance

Apply consistency mechanism for cross-border lists
GDPR-35-11 Documentation

Include systematic description in DPIA

Map this obligation to your AI systems

ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.

Get Started

Start your compliance assessment

Map obligations to your AI systems, identify gaps, and generate board-ready reports. Plans start at $149/mo.

Get Started