The information on which the search is based has been translated by a computer system without human intervention. It may contain errors in vocabulary, syntax or grammar. The translation may also produce mistakes in the searches performed.
67 results were found for your search terms DATA CONTROLLER
Risks and responsibilities for the use of the aplicatiu of Whatsapp
CNS 13/2018
The Town Council has to take the guarantees that a determinate canal offers for the treatment of the information of the affected persons and the existence or not other canals alternative into account. Cases 1, 2 and 3: The Town Council has to give fulfillment at the beginning and guarantees of the regulations of data protection, among others, it has to have the consent of all the participants of the Groups, unless it has another juridical basis and to give them information about the treatment of the data (art. 13 RGPD) and the consequences that can derive from the utilization of this canal. Among other questions, the elaboration of a “clause of policies of good use” is appraised positively. Case 4: The available information attended to, it cannot be determined if the Group has an exclusively personal or domestic purpose and, consequently, if it finds itself or not subject to the regulations of data protection personal. In any case, for the facilitated information, it would not be responsibility of the Town Council.
26/04/2018
Designation of the responsible for the treatment in a Town Council
CNS 24/2018
Although the RGPD allows to designate a juridical person as a responsible for the treatment, in relation to the data processing made by the town councils, it would be more suitable to make an administrative organ be evident as such.
26/04/2018
Communication of data among entities of municipal titularity because of the subrogation in the management of healthcares
CNS 11/2018
Since the communication of data of the files of clinical history was a consequence of a modification in the form of management of the services of mental health and additions, for which a municipal entity would subrogate itself in the position of the other one, it would be necessary, until the RGPD is not fully applicable, to notify the modification of the responsible for these files to the Register of Data Protection of Catalonia and to inform the affected persons of it. This, without harm of the fulfillment of the rest of principles and duties established to the legislation to data protection.
26/03/2018
Report in relation to the Project of order by which the electronic judicial Seu of Catalonia is created
PD 4/2017
02/06/2017
Adequacy to the regulations of data protection of the Program of homogenization of the processes and internal mechanisms of procedure of the tributes and the social quotations
CNS 22/2017
The entities who shape the public sector of the Generalitat de Catalunya are, each of them, responsibles for the treatments of the particulars which they have. The responsibility of the Tributary Agency of Catalonia and of the General Direction of Social Protection in the treatment of these data will depend in the way its communication is articulated, although, for the information of which it is ordered, these could adopt the posture of persons in charge of the treatment, whenever the corresponding contract of order is formalized. In this judgement the fulfillment of some of the duties imposed by the regulations to data protection (obtaining of the consent, duty of information, creation of files and resolution of the procedures of rights exercise) is also analyzed.
26/05/2017
- SECTORIAL AREA
- Public finance
- HABEAS DATA RIGHTS
- Conditions of exercise
- Right of information
- DATA PROCESSOR
- ENTITIES
- Public administration
- Autonomous community administration
- PRINCIPLES
- Lawfulness principle
- Consent
- Legal obligation
- CATALAN DATA PROTECTION REGISTER
- Data files
- Publicly owned files
- File registration
- DATA CONTROLLER
Utilization of the product Microsoft Office 365 with the collectives of a University
CNS 60/2016
The Decision of the Commission of 5 February 2010 taking into account, the Resolution of the AEPD of 9 May of 2014, as well as the adhesion of Microsoft to the Shield of Privacy, can be considered that the contract of order of the treatment that could subscribe the University with Microsoft in relation to the services "Microsoft 365" and "Microsoft Azure", it would be in principle fitting to the demands of the regulations of data protection (LOPD, RLOPD and RGPD). Regarding the technical and organizational safety measures to guarantee the security of the data, can be considered that "Microsoft 365" and "Microsoft Azure" can be the forecasts of Microsoft in relation to the services, a priori, suitable for what he foresees the regulations of data protection taking into account that the implantation of the foreseen measures is an object of certification and auditing on the part of one third independent.
29/11/2016
Use of the systems of instant messaging
CNS 55/2016
The public administrations have to check that the third lenders of services and of systems of communication fulfill their responsibilities, it is already as persons in charge of the treatment or, if it is proper, as responsibles for the treatment of the data of the users (in the case of the SMI), since the treatment is subjected to the demands of the principles and guarantees of the European regulations of the protection of data (LOPD, RLOPD, and RGPD). When they consider the choice of a determinate system of instant messaging (SMI) they should take the purpose of the communication, the personal information which it is necessary to treat, into account, especially; the consent of the affected ones; the model of security and the evaluation of impact and the concrete applied safety measures; the mechanisms of certification; the international transfers from data and the location of the servers; the law of information and the transparency, in attention to the forecasts of the European regulations of protection of data.
10/11/2016
Direct access of the Syndic of Offenses to the Catalan Penitentiary Computer System (SIP-C)
CNS 35/2016
The Syndic of Offenses has habilitation to require the Department of Justice all that information of the SIPC necessary for the fulfillment of its functions, without the consent of the affected ones. The articulation of a system as that, according to the consultation, would bring up the Syndic (installation in its headquarters of a point of direct access in the SIPC), is not foreseen legally and does not obey to the foreseen outline in the LOPD, according to which the assign formulates a request of information and the responsible, if it has habilitation, it hands over the information, in accordance with the principles of quality and of purpose. Because of that, this system would not fit to the demands of the regulations of the protection of data.
08/06/2016
Responsibility of the data processing in the provision of the service of water supply
CNS 69/2015
The proposal made by the dealer company of the service, according to which the Town Council, headline of the service of water supply would go to responsible being of the file in which the particulars linked to the provision of this service are contained and the dealer company would pass being the person in charge of the treatment of these data, it adapts to the regulations of data protection. It is necessary, because of that, to have the corresponding file of public titularity and to formalize the contract of order.
20/01/2016
Responsible for the treatment in the service of supply of potable water and sewerage of a town
CNS 63/2015
From the point of view of the protection of data, the town council, headline of the service of supply of potable water and sewerage, he should be also a responsible for the file in which the particulars linked to the provision of this service are contained (article 3.d) LOPD) and the dealer company should be the person in charge of the treatment of these data (article 3.g) LOPD).
22/12/2015
Total number of pages: 7