FREQUENTLY ASKED QUESTIONS

A Personal Data Protection Officer is a person who performs the functions as provided by Article 33 of the law.

There is no citizenship restriction in the law. It should be noted, however, that the Data Protection Officer must be able to carry out their duties properly. In some cases, (e.g., not knowing the language of the State or being in a foreign country) it may be impossible to perform those functions.

The Personal Data Protection Officers should have appropriate knowledge in the field of data protection. However, the law does not provide for a certification requirement. Accordingly, the Personal Data Protection Service of Georgia does not keep a list of “certified” officers.

Considering that a Data Protection Officer may be a person invited from outside based on a service contract, in such a case the person is appointed to this position within the institution or organization. Whereas, a person within an institution or organization can also be designated as the officer.

A data subject is any natural person whose personal data are processed. Accordingly, it can be not only a person with Georgian citizenship, but also a citizen of a foreign country, a non-citizen. The Law of Georgia "On Personal Data Protection" will apply to these persons as it does to Georgian citizens.