In the UK the ICO is the governing body, and they say I don't need one. From their guidance linked below
>The GDPR introduces a duty for you to appoint a data protection officer (DPO) if you are a public authority, or if you carry out certain types of processing activities.
I am neither a public authority or carry out those certain types of activity.
In the UK the ICO is the governing body, and they say I don't need one. From their guidance linked below
>The GDPR introduces a duty for you to appoint a data protection officer (DPO) if you are a public authority, or if you carry out certain types of processing activities.
I am neither a public authority or carry out those certain types of activity.
https://ico.org.uk/for-organisations/guide-to-the-general-da...