Spanish Data Protection Laws: LOPD and LORTAD

Posted on Apr 29, 2024 in Law & Jurisprudence

SCHEME

1. European Human Rights Legislation and Restrictions on Use of Data

2. Spanish Legislation

   • LORTAD 1992

   • LOPD 1999

   • RD 1720/2007

3. Definitions

4. Publicly Available Sources

5. Titles Comprising the LOPD

   • PART I: General Provisions (Purpose and Scope)

     • Art 01. Object

     • Art 02. Scope

     • Art 03. Definitions

   • PART II: Principles of Data Protection

     • Art 04. Data Quality

     • Art 05. Right to Information in the Data Collection

     • Art 06. Consent of Affected

     • Art 07. Special Protection Data

     • Art 08. Data on Health

     • Art 09. Data Security

     • Art 10. Obligation to Maintain Confidentiality

     • Art 11. Reporting Data

     • Art 12. Data Access for Third Parties

   • PART III: Rights of Persons

     • Art 13. Securities Law Challenge

     • Art 14. Right to Consult the Register Data Protection

     • Art 15. Right of Access

     • Art 16. Right of Rectification and Cancellation

     • Art 17. Opposition Proceedings, Access, Correction or Cancellation

     • Art 18. Protection of Rights

     • Art 19. Right to Compensation

   • PART IV: Sectoral Arrangements

     • Public Ownership Files

       • Art 20. Creation, Modification or Deletion

       • Art 21. Data Communication Between Apps

       • Art 22. Files of Security and Police Forces

       • Art 23. Exceptions to Rights of Access, Rectification and Cancellation

       • Art 24. Other Exceptions to the Rights of Those Affected

     • Files in Private Ownership

       • Art 25. Creation

       • Art 26. Notification and Registration

       • Art 27. Communication from the Transfer of Data

       • Art 28. Data Sources Include Public Access

       • Art 29. Providing Services Inf. Solvency and Credit

       • Art 30. Treatments for Purposes of Advertising and Commercial Prospecting

       • Art 31. Census Coupon

       • Art 32. Code Types

   • PART V: International Data Movement

     • Art 33. General Standard for International Data Transfer

     • Art 34. Exceptions to the International Transfer of Data

   • PART VI: Spanish Agency of Data Protection (Organization, Duties and Responsibilities)

     • Nature and Operation of the Scheme AEPD
     • Procedures Conducted

     • Functions of the AEPD

       • General Function

       • Functions with Citizens

       • Functions with Whom Data Is

       • Functions with the Development of Standards

       • Functions Related to Telecommunications

       • Other Features

     • Organizational Structure of the AEPD

       • Manager

       • Advisory Council

       • General Register for Data Protection

       • Inspection Data

       • General Secretariat

     • Bodies to the CCAA

   • TITLE VII: Violations and Penalties

   • PART VIII: Security Measures in the Treatment of Personal Data

     • Security Levels

     • Files to Implement Measures at MEDIUM

     • Files to Implement Measures HIGH

     • Exceptions to General Rules

     • Where Does the Treatment the Processor

     • Document Security

     • Ins Fichs Measures Applicable to and Approved Treatm. BASIC LEVEL

     • Ins Fichs Measures Applicable to and Approved Treatm. Middle Level

     • Ins Fichs Measures Applicable to and Approved Treatm. HIGH

     • Measures Applicable to Fichs Ins and Unauthorized Treatm. BASIC LEVEL

     • Measures Applicable to Fichs Ins and Unauthorized Treatm. Middle Level

     • Measures Applicable to Fichs Ins and Unauthorized Treatm. HIGH

   • TIUTLO IX. Procedure Conducted by the Spanish Agency of Data Protection

ABSTRACT

European Legislation on Human Rights and Limitation of Use of Data

Universal Declaration of Human Rights (10 Dec 1948 Art. 12). Text: “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone is entitled to the protection of the law against such interference or attacks.”

Convention for Protection of Rights and Fundamental Freedoms (4 Nov 1950 Art. 8) ratified by Spain on 26 Sept 1979.

Convention 108/1981 of the European Council ratified by Spain on January 27, 1984

European Charter of Fundamental Rights (7 Dec 2000 in Nice Art. 8) Everyone has the right to protection of personal data concerning him. These data must be processed fairly for specified purposes and on the basis of consent of the person concerned or some other legitimate underpinning provided by law. Everyone has the right to access the data collected concerning him and his rectification.

Directive 95/46/EC of the European Parliament and Council (24 Oct 1995)

1. LEGISLACIÓN ESPAÑOLA

o Constitución Spanish Art. 18.4 = 1978 law restricting the use of computers to ensure the honor and personal and family privacy of citizens and fully exercise their rights.

o LORTAD (Planning Act and Regulating the Automated Processing of Data LO5/1992 29 Oct) implements the Art. 18.4 of the Spanish Constitution and the Convention only 108. Primera Act regulating the automated processing of data leaving out personal media automatizados.

o La not 20 Jul Case CT 254/1993. It recognizes the right of freedom informática

o R.D. 428/1993 Statute datos. Regulaba protection agency operation of the Data Protection Agency (an independent agency of government that is for the private and public sector)

o LOPD (Act Protection Organic Information 15/1999 13 Dec. LORTAD Repeals and is the transposition of Directive only regulates 95/45/CE. No automated processing, but processing the data wherever they are and wherever appropriate to estén. Ley European directive by:

o R.D. 1720/2007 by approving the development regulations of the law 15/1999. LORTAD = Create Protection Agency assumes Datos LOPD = The created because it already exists.