• >
• GDPR & Personal Data
• >
• Audit plan of the Data Protection Office for 2024

Audit plan of the Data Protection Office for 2024

7. 3. 2024 GDPR & Personal Data

The Data Protection Office (“DPO”) is the central administrative authority for the protection of personal data, which primarily supervises compliance with the obligations related to the processing of personal data arising from the General Data Protection Regulation (GDPR). In order to exercise this power, the DPO carries out inspections initiated on the basis of complaints and suggestions received or on the basis of its inspection plan.

The inspection plan is drawn up for each year by the DPO and includes a description of the planned inspections, the subjects to be inspected and the period during which each inspection will be conducted. Subsequently, the inspection plan is publicly available on the DPO’s website (here).

In 2024, the OPDP will focus in particular on:

• the public authorities’ use of data from the population register,
• recording of telephone calls,
• processing of personal data in information systems within the Schengen area,
• processing of personal data by the Police of the Czech Republic, and
• sending of unsolicited commercial communications via e-mail or SMS by delivery services.

Additionally, the Public Bodies Control Unit will participate with other European supervisory authorities in the Coordinated Enforcement Framework on the implementation of the right of access by data controllers. We continue to monitor the DPO’s inspections and its conclusions and will keep you informed of the significant ones. If you would like more detailed information on the practice of the DPO, we will be happy to help you.