http://www.legislation.gov.uk/id/ukpga/2018/12/enacted

PART 3Law enforcement processing

CHAPTER 4Controller and processor

Data protection officers

69Designation of a data protection officer

1

The controller must designate a data protection officer, unless the controller is a court, or other judicial authority, acting in its judicial capacity.

2

When designating a data protection officer, the controller must have regard to the professional qualities of the proposed officer, in particular—

a

the proposed officer’s expert knowledge of data protection law and practice, and

b

the ability of the proposed officer to perform the tasks mentioned in section 71.

3

The same person may be designated as a data protection officer by several controllers, taking account of their organisational structure and size.

4

The controller must publish the contact details of the data protection officer and communicate these to the Commissioner.