Compliance| 2 min. read | 3/18/2025

GDPR Information Series #3: The Data Protection Officer

Valerie Bertrand
SVP, European Counsel, Associate General Counsel – Africa, Europe, Middle East and UK
Key Takeaways

  • What is the GDPR?
    The General Data Protection Regulation (GDPR) is the European Union’s general privacy and data protection law.
  • What is a Data Protection Officer (DPO)?
    An organization’s DPO supports its compliance with laws regulating the use and processing of personal data.
  • Who is First Advantage’s DPO?
    First Advantage’s DPO in the United Kingdom and Europe is HewardMills, a global DPO office.

A Data Protection Officer (DPO) is an individual responsible for supporting an organization comply with data protection laws and ensuring personal data is handled appropriately. Under Article 37 of the General Data Protection Regulation (GDPR), appointing a DPO is mandatory for certain organizations, including public authorities and those that conduct large-scale monitoring of individuals or process large volumes of sensitive personal data. The DPO advises on privacy obligations, monitors compliance, provides guidance on data protection risks, and serves as a contact point for individuals and regulators on privacy-related matters.

HewardMills serves as the Data Protection Officer (DPO) for First Advantage in United Kingdom and Europe.

HewardMills supports First Advantage Global Compliance team for monitoring First Advantage’s data privacy compliance and serves as a point of contact between Fist Advantage, individuals, and the Supervisory Authorities.

HewardMills is a global DPO office with a multidisciplinary team of data professionals. HewardMills has a wide range of skills and expertise within its team, further supported by a network of trusted strategic partners. HewardMills is known for its long-lasting embedded relationships, their focus is on integrity, ethics, and for protecting customers and Data Subjects. HewardMills assists customers around the world with building robust data protection compliance programs on four (4) fundamental pillars: Corporate Governance, Privacy Operations, Polices & Procedures and Training & Awareness.

Explore our compliance resources.

Get Started

HewardMills as First Advantage’s DPO

HewardMills supports First Advantage and helps build a robust compliance programme around the 4 pillars.

  • Corporate Governance
    • Data protection corporate governance structures
    • Registrations and notifications with the appropriate data protection authorities
    • Regional Analyses & Horizon Watching
  • Privacy Operations
    • Data Protection Impact Assessments (DPIA)
    • Record of Processing Activities (RoPAs)
    • Legitimate Interest Assessment (LIA)
    • Data Subject Rights Requests (DSRRs)
    • International Data Transfer Mechanisms
    • Privacy by Design and by Default
    • Breach management planning and response plans
    • Data Retention
    • ePrivacy
  • Policies and Procedures
  • Training & awareness
  • Others
    • Point of contact for the Data Protection Authorities
    • Local regulatory requirements

HewardMills’ DPO Presence in Europe:

 

For more information on HewardMills, please visit https://hewardmills.com/.

Next in the GDPR Information Series…“Lawful Basis for Processing”

Frequently Asked Questions

Organizations that offer goods or services to, or process data from, individuals in the EU must comply with GDPR requirements, even if they are not based in the EU themselves. If you are not sure whether this applies to you, contact your compliance and legal counsel.

Data Protection Officers (DPOs) are responsible for informing an organization of its obligations under the GDPR, monitoring its compliance, providing guidance, and acting as a point of contact for individuals and authorities who have requests regarding the processing of personal data.

About the author

Valerie Bertrand
SVP, European Counsel, Associate General Counsel – Africa, Europe, Middle East and UK

Valerie, based in Germany, looks after the legal function for Africa, Europe, Middle East and UK at First Advantage since 2021.

Since 2006, she has been working in HR industry for different regions of the world, where she particularly gained knowledge in data protection law.

She also obtained an executive MBA in Business Law and Management (2015 – Paris 2 Pantheon – Assas, France)  and two industry certifications: certified Information Privacy Professional/Europe certification and certified Information Privacy Manager.


This content is offered for informational purposes only. First Advantage is not a law firm, and this content does not, and is not intended to, constitute legal advice. Information in this may not constitute the most up-to-date legal or other information.

Readers of this content should contact their own legal advisors concerning for their particular circumstance. No reader, or user of this content, should act or refrain from acting on the basis of information in this content. Only your individual attorney or legal advisor can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of, and access to, this content does not create an attorney-client relationship between the reader, or user of this presentation and First Advantage.

Grow Confidently With Client Service Excellence

View All

Background Check Resources

Trustworthy information to assist you with strategies that empower business growth, enlighten leadership and help you face the future with confidence.

Now Available!

2024 Trends Report Reveals Latest Insights