Contact
The controller should review the IPD carried out in order to ensure that it collects both the information provided for in Article 10 of the Instruction 1/2009, of 10 February, on the processing of personal data using cameras for video surveillance purposes, as well as the other requirements established by Article 35.7 of the GDPR. Prior consultation with this Authority is only mandatory when the DPIA shows that treatment carries a high risk if the controller does not take measures to mitigate it.