[outsideoflife]

Larger than small business here, we are not employing a DPO and we are complying with GDPR.

[sb8244]

You are employing a DPO if you are compliant. https://digitalguardian.com/blog/what-data-protection-office...

You most likely already had one and are now paying them to do this as well

[outsideoflife]

> You are employing a DPO if you are compliant.

In the UK the ICO is the governing body, and they say I don't need one. From their guidance linked below

>The GDPR introduces a duty for you to appoint a data protection officer (DPO) if you are a public authority, or if you carry out certain types of processing activities.

I am neither a public authority or carry out those certain types of activity.

https://ico.org.uk/for-organisations/guide-to-the-general-da...