§ 7 BDSG
Tasks
(1)The data protection officer shall, in accordance with Union law or the law of the Federation or of the Länder, have the following tasks in particular: 1 informing and advising the controller and the employees who carry out processing of their obligations pursuant to this Act and other data protection provisions,; 2 monitoring compliance with this Act and other data protection provisions as well as with the policies of the controller in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits,; 3 providing advice where requested as regards the data protection impact assessment and monitoring its performance pursuant to Section 67 of this Act and Article 35 of Regulation (EU) 2016/679,; 4 cooperating with the Federal Commissioner or the competent supervisory authority of the Land,; 5 acting as the contact point for the Federal Commissioner or the competent supervisory authority of the Land on issues relating to processing, including the prior consultation referred to in Section 69 of this Act and Article 36 of Regulation (EU) 2016/679, and to consult, where appropriate, with regard to any other matter.
(2)The data protection officer may perform other tasks and duties. The public body shall ensure that any such tasks and duties do not result in a conflict of interests.
(3)The data protection officer can be contacted by data subjects with regard to all issues related to the processing of their personal data and the exercise of their rights under this Act as well as under Regulation (EU) 2016/679.