The information on which the search is based has been translated by a computer system without human intervention. It may contain errors in vocabulary, syntax or grammar. The translation may also produce mistakes in the searches performed.
16 results were found for your search terms Mercantile companies
Sending emails with third party data.
One entity is sanctioned, absorbing another, within the framework of the provision of a health monitoring service. He sent citation emails to various workers who mistakenly contained data from other workers.
There is no contract from the processor and no authorization to carry out the sub-mission.
A private entity is sanctioned for having entrusted the management of the medical check appointments of workers to another entity without having formalised the contract of sub-responsor of the treatment, and without having requested the controller to authorise the sub-response of the treatment.
Right of information.
Within the framework of the contracting of a private home aid service, the entity did not make effective the right of information of the person concerned.
Report on the Draft Decree approving the regulations for the implementation of Titles I, III and IV of Law 9/2014 of 31 July on the industrial safety of establishments, facilities and products
Legitimation to request information from banks that pay the fees for funeral services for the deceased
The request of the local company, to the banking entities, for the identification data of the persons who have made bank transfers for the payment of funeral rights of which the updated ownership is not stated may be covered by the legal basis. of Article 6.1.e) of the RGPD. With regard to the data relating to the telephone number and e-mail address of the person who made the payment, once their identity is known, it is considered compatible to use the contact details that the same entity has for the management. other funeral rights, as well as the possibility of contacting the person concerned using the data contained in the Municipal Register of Inhabitants or in the INE databases, so that it is the affected person who faciliti. Ultimately, and in a subsidiary manner with regard to the avenues just set out, the communication by banks of the contact details of the persons who have made the payments may be considered compatible if they are previously guarantees the right of the person concerned to oppose it.
Dealing of data concerning a photo without consent.
The whistleblower complained that the public company fired her while in trial, due to a photograph that would have been made while she was drinking during the labor break. Previous information is archived because it could not be credited that the reported company has performed any processing of the image of the complainant. There is also no evidence to indicate that the company had any interest in obtaining the photograph of the person complaining for use for the purposes described by the person complaining, that is, to motivate the termination of the working relationship.
The principle of accuracy of the data is infringed by having issued invoices and the corresponding direct debit receipts with incorrect data.
Aigües de Barcelona issued a total of 12 invoices and corresponding direct debit receipts with incorrect personal data. In particular, he assigned names and surnames of 5 different users to the DNI of the person complaining. For this reason, bank receipts were sent to the account of the person denouncing the names and surnames of persons other than the accountholder.
Punctual alteration of the procedure normalized by exceptional causes related with the of and delivery of the payrolls of the workers.
The principle|beginning of confidentiality is not harmed. The entity had a procedure normalized for the management|formality of the payrolls of its|his|her|their workers implemented. However, due to causes occurred and of quite biggest, this was seen obligatorily altered during the pike of the pandemic. With everything, it has not remained accredited|proved that the system adopted during this period entailed a significant risk of undue access to the contents of the payrolls of the workers.
Revelation of data in a documentary
Offense is stated|declared for breach of the principle|beginning of confidentiality, in so far as in an issued documentary on the public television they revealed a data set that they allowed the identification of a minor. In the same documentary a document was exhibited in the that data related to the health of another person, former mother of reception of the minor, were evident. Permanent offense.
Duty to designate a representative of data protection in a municipal trading company
A municipal trading company proposes if, to tenor of what orders the article 37.1.a) of the RGPD, it is forced to designating a Representative of Data Protection. The affected subjects and the functions attributed to the municipal trading company attended to, this Authority considers that the designation of a representative of data protection under protection of the article 37.1.a would not be exigible) of the RGPD, even though one good would constitute it practices. This without harm of its forcing in case the foreseen supposition contributes to the b letter) of the article 37.1 of the RGPD or in another rule of which its forcing is derived from it.
Total number of pages: 2