The OOO published the GDPR FAQs

The Data Protection Authority has finally shed light on unclear areas and questions on the GDPR that have often led to discussions, misinformation, incorrect recommendations and myths.


A document shedding light on the most common questions and sticking points of the GDPR, around which discussions, misinterpretations and misrecommendations have arisen, has "finally" been published on the website of the Data Protection Authority.

First and foremost, questions around certification, certification and data protection officer and much more are finally specified and answered.

The Data Protection Authority has stated, among other things, that only certification bodies (certification bodies) accredited for this activity can issue a certificate or data protection certificate. The draft law on personal data processing currently envisages that the accreditation of certification bodies will be carried out by the national accreditation body of the Czech Republic, the Czech Institute for Accreditation, o.p.s., with which the Office already cooperates closely. This body will therefore be the only authority that will accredit certification bodies. The Office is currently working on the preparation of criteria for issuing certificates and criteria for accreditation of certification bodies.

All answered GDPR questions can be found on the Data Protection Authority's website and we will be addressing them in an easy-to-understand form on our blog as time goes on, so be sure to follow it.

At Railsformers we are already doing everything we can to prepare our clients for the GDPR regulations. For example, you can visit our GDPR seminar in Ostrava in the near future.