How do I know if I am in the Data Protection Agency? Every Spanish citizen asks himself this question in some circumstance of his day-to-day life.
Not only legal entities, but also the self-employed, associations, groups and people who own a blog are responsible for databases through which data from third parties are collected for consultation and for any other purpose. Here we clear your doubts on this topic.
How do I know if I am in the Data Protection Agency?
As is well known, all companies that process personal data must comply with current regulations on LOPD.
However, we must consider, as an initial part, to know if our company is governed by this Law.
Through the Data Protection Agency, the companies were able to check whether or not they had registered their files.
The GDPR gives free access to those who wish to consult the inscriptions of the archives, both their own and those of others at any time.
How to know if I am in the Data Protection Agency: Search Form
The procedure to verify that a company is previously registered is:
- In the place Web of the AEPD, you click on the files option.
- Click on private property.
- Write the NIF / DNI or the name of the company, as the case may be.
- Then you give “Search”.
Of the Outcome From this search, the list of files that met the requested characteristics is obtained, according to the name of the company and the name of the file.
From 2018, until today, with the validity of the RGPD, the files are no longer registered in the AEPD.
This web portal is no longer active for such a query.
Currently there are other parameters to comply with the LOPD regulations, using the RGPD tool provided by AEPD.
You can also contact a company to help you with this new requirement, here you can ask for the prices.
How to know if I am in the Data Protection Agency: Results
Each file registered in the GDPR contains a summary report on the first page with the following information:
- Company name or Name of the person in charge.
- File names.
- Applications and purposes already defined.
- Address where the interested party exercises their rights and cancels the information.
- Type of information.
- Transfers Communication and data transfer.
- Clasification of records and data types.
How to know if I am in the Data Protection Agency: Files
A File it is a file that stores personal information.
In other words, it is a database where personal information can be stored for limited use.
According to the mechanism of organization, storage and access to data, there are four types of files that we should mention:
- Automated: they are organized digitally and are accessible from any type of computer application or process.
- Not automated: they are the ones that keep the information on paper. An example of this is employee files kept in a filing cabinet.
- Private property: represents those who are under the supervision of natural or legal persons as long as they are not associated with the public administration. It is worth noting that personal data stored in companies is privately owned.
- Public ownership: files corresponding to a public body, government, public administration, etc.
File Security Levels
Depending on the type, the files differ in three levels of security.
That is, according to the information stored and depending on the confidentiality of the data in accordance with the provisions of the LOPD.
- Fundamental: all files containing personal information are, in turn, considered at all levels.
- Half: Files containing financial and credit information are included.
- High– Applies to all files containing information on ideology, politics, beliefs, racial origin, etc.
What is the State Data Protection Agency?
The Spanish Agency for Data Protection has the task of ensuring compliance with the organic law of data protection in Spain.
It is a body with legal personality and public law.
How many files should I create?
In Spain, the LOPD requires as a main requirement the creation of a file data and notification to the AEPD of its creation.
The file or archive is considered a database, in which the information collected will be stored.
Before creating the database, the file must be registered in the AEPD.
With this in mind, all the files you want to create must be registered.
At what point should I register a file in the AEPD?
All files must be logged before database is created or collected.
An example is that this must be done before starting the transmission of the surveillance cameras that have been installed in the company.
What is a file?
The file is defined as a database that allows storing data considered of a personal nature.
What are the statistics of the files?
There are about five million files registered in the AEPD, most of which are privately owned.
At the beginning of 2018, around thirty-five thousand files were registered.
They were communities of owners (sectors of activity) ranked first, closely followed by the health and business sectors.
Half of the inscriptions belong to these, while the majority belong to public property.
I have an online store, what tab do you suggest?
In the case of an online company, the following files are recommended:
- Human Resources: This file includes the personal data of the employees.
- Accounting: Information about the company’s accounting.
- Website– Data such as email addresses, email addresses, addresses, phone numbers, etc. are included.
- Providers: The data of all the providers with which you interact is included.
- Users: The data of the users who participate in the site are stored.
What is the Data Protection Agency?
The Spanish Agency for Data Protection (AEPD), is the public body in charge of ensuring compliance with the Organic Law on Protection of Personal Data in Spain. It is headquartered in Madrid and its scope of action extends to the entire Spanish territory.
It is a public law entity with its own legal personality and full public and private capacity that acts independently of the public administration in the exercise of its functions.
its main mission is to ensure compliance with the data protection regulations by those responsible for the files (public entities, private companies, associations, etc.) and monitor their application in order to guarantee the fundamental right to protection of the personal data of citizens.
The EDPS exercises his investigative powers mainly at the request of citizens, although it also has the power to act ex officio. The Agency is statutory and hierarchically independent and is related to the Government through the Ministry of Justice.
In Spain, there are also regional data protection agencies in Catalonia and the Basque Country with a scope limited to the public files declared by the regional and local administrations of the respective autonomous communities.
Organic Law 15/1999, of December 13, on the Protection of Personal Data (LOPD) was a Spanish organic law aimed at guarantee and protect public liberties, as well as the fundamental rights of nature in relation to the processing of personal data of Natural Persons, and in particular of their honor, personal and family privacy.
It was approved by the General Courts on December 13, 1999 and repealed with the entry into force of Organic Law 3/2018 of Personal data protection and Guarantee of Digital Rights of December 6, 2018, which adapts Spanish legislation to general data. Protection Regulation of the European Union.
This law was developed in article 18 of the Spanish Constitution of 1978 on the right to family intimacy. This regulation excluded data collected for domestic use, classified state cases, and files that collected data on terrorism and other forms of organized crime (non-ordinary crime).
The Spanish Agency for Data Protection, is responsible for compliance with this law.
What is the function of the Spanish Data Protection Agency (AEPD)?
The AEPD is the body in charge of ensuring compliance with the regulations on personal data protection. Among the functions of the AEPD, the most relevant are the following:
- To emit instructions precise to adapt the treatments to the principles of the law.
- Respond to requests and complaints made by the interested parties, in particular the complaints regarding the cases in which the person responsible for the processing of personal data has not responded to the requests to exercise the rights of access, modification, rectification and opposition.
- Inform people of their Rights regarding the processing of personal data.
- Require those responsible and responsible for data processing to adopt the necessary measures to adapt the processing of the data to the legal provisions.
- Exercise the can penalty in this matter.
- Publicize the existence of personal data files.
- Issues a annual report and send it to the Department of Justice.
Artículos relacionados que te pueden interesar