Here is the English translation of your content, localized for clarity and professional tone:
š WHICH BUSINESSES ARE REQUIRED TO APPOINT A DATA PROTECTION OFFICER (DPO)?
š Under Decree No. 13/2023/NÄ-CP, any organization that processes sensitive personal dataāsuch as health information, biometric data, financial data, religious beliefs, etc.āis required to appoint a Data Protection Officer (DPO) as a mandatory safeguard for handling such data.
Examples: fintech companies, hospitals, or businesses that process employee health records (a type of sensitive data) must all appoint a DPO.
š According to the draft Law on Personal Data Protection, the appointment of a DPO becomes mandatory for all businesses, regardless of the type of personal data being processed. Specifically, businesses will be required to appoint either an internal DPO with sufficient expertise or outsource the function to a qualified individual or organization (external DPO).
š”What should your business do today?
- Review the categories of personal data your organization is currently processing.
- Assess whether the data is considered āsensitiveā (under Decree 13) or falls under the expanded scope (in the draft Law).
- Develop a plan to appoint an internal or external DPO based on your organizationās specific needs.
š Contact PrivacyCompliance for guidance on appointing your DPO!
RECRUITMENT ANNOUNCEMENT ā MARKETING INTERN
Privacy Compliance Joint Stock Company is recruiting a Marketing Intern to support communication and brand development activities in the field of personal data protection and privacy. Job Description Assist in developing and implementing communication plans and content (website, LinkedIn, Facebook, email marketing, etc.). Coordinate in editing articles on data protection, compliance, and risk management (under […]
Learn more
RECRUITMENT ANNOUNCEMENT ā PRIVACY ASSOCIATE
Privacy Compliance Joint Stock Company is recruiting a Privacy Associate in the field of personal data protection and privacy. Job Description Advise clients on personal data protection matters. Review, develop, and refine internal policies and procedures; assess compliance levels and propose improvement roadmaps. Conduct Data Protection Impact Assessments (DPIA) and Data Transfer Impact Assessments (DTIA). […]
Learn more
PDPL QUEST 01: ARE YOU PREPARED TO DELETE EMPLOYEEāS PERSONAL DATA?
ARE YOU PREPARED TO DELETE EMPLOYEEāS PERSONAL DATA? Under Article 25 of Vietnamās Personal Data Protection Law 2025, employers are required to delete or destroy employeesā personal data once the employment contract ends, unless otherwise agreed or legally required to retain it. ā”ļø To continue processing personal data post-employment (e.g. for legal or compliance […]
Learn more