Hi everyone, I wanted to share this information with you as it has been brought to light recently by one of my Members that they were visited by a "Governing Body" and told they would be fined 60,000€ for not having the right procedures in place with relation to them holding perdonal data on their clients.
This visit was actually a scam and there seems to be a lot of it going on down here on the Costa del Sol. There is one company who comes authorised by the Junta de Andalucia and was introduced to myself directly in order for me to keep my members fully informed.
SUMMARY - DATA PROTECTION LAW (LOPD)
(Ley Orgánica de Protección de datos de Carácter Personal)
WHAT THE LAW STATES
The Law (LOPD) aims to guarantee and protect the data and fundamental of individuals to their personal and family privacy.
(LOPD 15/199; Royal Decree 12/2007 approved as law 15/1999; Effective APRIL 2008)
SCOPE OF THE LAW
ALL companies - private, public and state - whether a one-man business or a subsidiary of a larger enterprise holding and managing personal data, collected in any format (manual, computerised, etc.) have to register these files at the Spanish Data Protection Agency (AEPD).
HOW TO COMPLY WITH THE LAW
1- Security Document: Obligations and protocols regarding data protection
2- Files registration at the AEPD
3- Allow individuals to exercise their ARCO rights (Access, Rectification, Cancelation and Disagreement).
DATA SECURITY LEVELS
Low: Name, telephone, address, email...
Medium: Civil or criminal offences, credit rating, finacial information, health, Social Security data...
High: Religion, beliefs, sexual content, health, race, unions...
PENALTIES
Low: 600 to 60,000 €
Medium: 600,000 to 300,000 €
High: 300,000 to 600,000 €
WHY COMPLY?
- It's the law!
- 100% fee RECOVERY for companies with employees
- A 15% of fee REDUCTION on Income Tax
- It's an ASSET for your company
GESTDATOS Services
We can ensure your compliance with the LOPD. Our services:
- Supply of self-training course CDs
- Preparation of the "Security Document"
- File registration at the AEPD
- Auditing and consulting on files and security to ensure continued compliance
- Updated course every year, incorporating ongoing revisions to the LOPD
- Assistance in defence against denunciation
GestDatos Services will be doing a presentation to my Members at the next Mijas Costa Network meeting on the 6th May 2010 at approximately 9.15ish in the morning, at Club El Chaparrel Golf, La Cala de Mijas
As this is an extremely important presentation I am offering an invite to all EOS Members who would be interested in the presentation.
If you would like to attend please let me know asap.
kind regards
Sam Campbell