2024-05-27

Tengiz Mamulia was appointed as the Personal Data Protection Officer of the Personal Data Protection Service

---

Tengiz Mamulia was appointed as the Personal Data Protection Officer of the Personal Data Protection Service

Tengiz Mamulia worked in several structural units of the Personal Data Protection Service of Georgia, during which he directly participated in the process of examining the lawfulness of data processing by the Personal Data Protection Service of Georgia and provide consultations on matters related to data protection, also, actively involved in the activities carried out by the Service to raise public awareness of the novelties provided by the new Law of Georgia "On Personal Data Protection".

We would like to remind you that the new Law of Georgia “On Personal Data Protection” requires public institutions and certain private organizations to appoint or designate a data protection officer. The novelty will enter into force on 1 June.

According to the Law of Georgia "On Personal Data Protection", a controller and a processor shall ensure the proper involvement of a personal data protection officer in the process of making important decisions regarding data processing, provide him/her with appropriate  resources and ensure his/her autonomy in the performance of activities.

According to the Law of Georgia “On Personal Data Protection”:

• A personal data protection officer shall be accountable to the highest governance structure, taking into account the specific circumstances;
• A personal data protection officer shall have appropriate knowledge in the field of data protection;
• The personal data protection officer shall have the right to perform other functions unless they give rise to a conflict of interest.

 

The personal data protection officer shall:

• Inform a controller, a processor and their employees on matters related to data protection, including matters related to the adoption or amendment of regulatory legal norms, and provide them with advice and assistance regarding the methodology used;
• Participate in the development of internal regulations related to data processing and the data protection impact assessment document, and also monitor whether a controller or a processor complies with the legislation of Georgia and the internal organisational documents;
• Analysing requests and complaints received regarding data processing and making appropriate recommendations;
• Receive consultations from the DPO, represent a controller and a processor in relations with the DPO, submit information and documents at its request and coordinate and monitor the execution of its tasks and recommendations;
• In the event of a request from a data subject, provide him/her with information on data processing and his/her rights;
• Perform other functions to ensure the improvement of the standards of data processing by a controller and a processor.

To inform the Personal Data Protection Service about the designation/appointment of the Personal Data Protection Officer, you can use the following link: https://pdps.ge/en/content/1056/personalur-monacemTa-dacvis-oficris