You are here:

Last updated on 16 November 2017
Ref: 33679
School types: All · School phases: All

Schools must appoint a data protection officer under the General Data Protection Regulation. We explain the duties of the role, what experience they should have, and what training they may need. You can also download and adapt our template job description and person specification.

Article tools


  1. Schools must have a DPO 
  2. Model role description and person specification
  3. Who to appoint
  4. Responsibilities of the DPO
  5. Necessary qualities and experience
  6. Your obligations regarding the DPO

The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence.