Resolutions, opinions and reports search tool

A city council is admonished as responsible for 4 infringements: 1) to capture images of the public track through cameras installed outside the micro-weapon, disproportionately (the public pathway was captured beyond what is required); 2) to use images captured for security purposes to identify the person who had not correctly deposited a residue; 3) Because the RAT does not include all prescriptive information and contains inaccurate information; and 4) To not fully inform the persons concerned.

Choosing the most appropriate selective collection model in the municipality requires an impact assessment on data protection. The City Council, in view of the powers it has been assigned in matters of waste management, would be entitled to carry out the processing of data arising from the implementation of the selective collection system. However, in the absence of a specific legal provision, the development of profiles that produce legal effects on the person using the service or that significantly affect them in a similar way, requires the explicit consent of the persons affected. The participation of third parties in the implementation of this system requires the formalization of a contract of manager and, where applicable, of sub-manager, as well as, where applicable, the fulfillment of the obligations established in this regard in the LCSP.

The claimant asked for access to certain documents from a mediation process in which he had been involved and therefore concerning the processing of his personal data. The Authority handed over the claim to the Aran GC, which submitted written allegations. With his response, the claimed entity did not accredit having provided the requested documents.

It is not for this Authority to define the means by which citizens can be identified by electronic means in administrative procedures, nor to determine whether an identification system can reliably guarantee the identity of the applicant. A system of identification of the interested parties that collects together with the data of the DNI or identification document of the interested party his image and voice, can have like legal base the exercise of public powers conferred to the person in charge of the treatment in relation to the functions identification of those interested in the procedure provided for in the administrative procedure regulations. If specific technical means are used that allow the unambiguous identification or authentication of an individual, it will involve the processing of biometric data and therefore special categories of data. In order for this data processing to be lawful and in accordance with data protection regulations, it must have the valid consent of the data subject and comply with the other principles of the RGPD, including the principle of minimization, so that, given the specific circumstances of the procedure or procedures in which it is intended to be applied, it passes the judgment of proportionality.

The data processing referred to in the proposed protocol under examination shall comply with the data protection regulations, without prejudice to the considerations made in this opinion and those which it may carry out, as the competent control authority for the processing of data. jurisdictional, the CGPJ. However, it is necessary to revise and modify the consent form of Annex 1 to the Protocol as set out in Section IV of the Opinion.

The entity responded in time to the claimant's request for the suppression of clinical history. In terms of substance, the reasons given by the body for not proceeding with the deletion of clinical documentation would be in line with the provisions of data protection regulations and health legislation.

The claim submitted by the claimant is estimated and required in the PGP to make the exercise of the right of access of the claimant effective, with respect to access to the data of the SIP PFMEN file, and also to provide a copy of all data requested by the claimant to be dealt with by the PGP DP in the SIP PF file.

The claim is estimated because the claimant requested access to certain information expressly stating that it was via "on-screen view", and the DS Department submitted screen impressions to him. The current regulation (RGPD, LOPDGDD and Real Decree 1720/2007) provides that the interested party may choose the means to receive information, in which case the chosen channel was not respected.

The complaint submitted is estimated, given that the ruling of the PDB that has agreed to cancel the personal data of the claimant incorporated into the SIP file, in the terms of its application, has been rendered extemporaneously.

The communication of information on the trainers to impart the formative action to companies and organizing entities, limited to the identifying data, of contact and of training or experience, would be lawful and would adjust to the principle of minimization of data, to be necessary both for the execution of the contract and for the fulfillment of legal obligations. In addition, the competent authorities may require the information related to the training action necessary to control the execution and application of the bonus by the companies. With the information available, it does not seem justified to communicate information relating to the data relating to the user and password for access to the virtual classroom assigned to students in the training activity, nor those relating to the professional situation of the training staff or responsible for the activity.