Germany: The role of the DPO and conflicts of interest
"The GDPR is now directly applicable in all Member States. Before the GDPR applied, the prohibition of conflict of interest for the DPO was already enshrined in German data protection law. In particular, under the Baden-Württemberg data protection authority ('LfDI Baden-Württemberg') has stated that the personal integrity of the DPO must be ensured. In the case of in-house DPOs, this means, for example, that the basic employment relationship with the function of the DPO must not contain any conflicts of objectives or interests. In the case of an external appointment, the company offering the DPO service must also not have any conflicts of interest because the absence of a conflict of interest is closely linked to the need for independence. Concrete examples of conflicts of interests are if the DPO is the owner, director, partner, chief executive, manager, chairman of the board, managing director, or any other legally or constitutionally appointed director of the company/agency/association."