Resolutions, opinions and reports search tool

The claim is loved because the organ responsible for the file solved and notified the request of access beyond the deadline of an established month to the effect.

Applied articles: 15 LOPD, 27 and 29 RLOPD.

The claim is loved because the organ responsible for file did not make the law of access effective until transfer from the claim that has caused the present performances was given. Given the formulated allegations for the entity claimed in this resolution justify the reasons for which it is considered that the law of exercised access does not have to be conveyed by the LOPD anywhere of the Law in transparency.

Applied articles: 15 LOPD, 29 RLOPD; art. 24.3 Law 19/2014.

The claim is loved because the organ responsible for file did not make the law|right of access effective in deadline|installment, and it only made it when having knowledge of the claim that it has caused the present performances|actions. Given the formulated allegations for the entity claimed in this resolution justify the reasons for which it is considered that the law|right of exercised|exerted access has to be conveyed for the LOPD and not by the Law of transparency, when referring to data of the requesting person (or its|his|her|their son, who he|she|it represents).

Applied articles|items: 15LOPD, 29, 30 RLOPD; art. 24.3 Law 19/2014.

In the area of the videovigilància, the information that the article 5.1 of the LOPD refers to is allowed to offer it in a more reduced way, whenever this information is completed through forms or across its web or electronic headquarters. The fact of not complementing the information in the described form is constitutive of a slight offense.

Applied articles: 5, 44.2.c) LOPD; 12 Instruction 1/2009.

Several not identified persons who loaned service to the General Hospital of Vic (shop assistant of the Hospitable Consortium of Vic), the user and personal password used corresponding to other persons to access an application computer of the Catalan Service of the Health in order to process benefits of orthopedic devices (PAOS), fact that prevents the unambiguous and personalized identification of the persons who access this computer application, what means a breach of safety measures.

Applied articles: 9, 44.3.h) of the LOPD and 93 RLOPD.

The interception of electronic mail crossed between two teachers of a teaching institution, on the part of the director of the center, like this like posterior remission was denounced of the Post Office in other organs of the Department. The complaint is filed because, on the one hand, there is not any evidence of the interference in the mail, since the access would have facilitated one of the persons who took part in the communications. On the other hand, the posterior remission of the Post Office in the Department would be suitable, pertinent and non excessive, so that the art was not harmed. 4.1 of the LOPD.

Applied articles: Article 4.1 and 47 LOPD.

There is not contradiction of the article 28.2 LPAC with the demand for the article 4.9 of the RGPD that the consent manifests through a declaration or a clear affirmative action, because the habilitation would derive from the same LPAC in relation to the e letter) of the article 6.2 of the RGPD. However, the application of the foreseen mechanism in article 28 has to limit itself to the administrative procedures of the entities that have the condition of public administrations. The exchange of data among the administration that it has the information about the titles of numerous or monoparental family or about the situation of unemployment and the entity that sends the ticket cannot found in the b letter) of the article 6.1 of the RGPD since it is not an exchange strictly necessary for the expedition. Regarding the letters c) and e) of same article 6.1 RGPD yes that they could fit out the exchange, whenever it is in a rule foreseen with rank of law that is concrete, precise and predictable.

Since in view of the brought information the person or accusing persons had the condition of agents of the authority, from the point of view of the regulations of data of personal character protection the access to the name and the surnames and the address of the accusing agents on the subject of traffic would not be justified. The access should limit itself to the knowledge of the professional number of identification of the agent or the agents that have formulated the complaint.

The Decision of the Commission of 5 February 2010 taking into account, the Resolution of the AEPD of 9 May of 2014, as well as the adhesion of Microsoft to the Shield of Privacy, can be considered that the contract of order of the treatment that could subscribe the University with Microsoft in relation to the services "Microsoft 365" and "Microsoft Azure", it would be in principle fitting to the demands of the regulations of data protection (LOPD, RLOPD and RGPD). Regarding the technical and organizational safety measures to guarantee the security of the data, can be considered that "Microsoft 365" and "Microsoft Azure" can be the forecasts of Microsoft in relation to the services, a priori, suitable for what he foresees the regulations of data protection taking into account that the implantation of the foreseen measures is an object of certification and auditing on the part of one third independent.

The communication of data about remunerations of the managerial charges or organs of direction and administration on the part of the private entities that they manage public services and/or that perceive helps and subsidies, in the foreseen suppositions in the 3.2 and 15.2 LTC articles, as well as its publication on the part of the responsible Administration would be justified for the fulfillment of the purpose of transparency and has the legal habilitation to the effects of the that the article foresees 11.2.a) of the LOPD.