“The protection of personal data is a fundamental right. We live in the information society and every day try to millions of personal data. We provide our personal data when opening a bank account, when we asked to participate in a contest, when we booked a flight or a hotel and every time we make a payment by credit card. The name and surname date of birth, address or e-mail phone number, the DNI and many other data we use daily are valuable information that could help identify a person, either directly or indirectly. With this information we can develop our daily activity, we enrolled our children in school, receive care health, make phone calls or enjoy our leisure.
In our days, all the people have the right to not be subject to a decision with legal consequences for them, or which significantly affects them, and which is based processing of data intended to assess certain aspects of their personality.
I am living in Spain and I know the legislation on access to data, because is a matter of national interest and is a present subject in our work.
The Control bodies are the Spanish Agency for Data Protection (AEPD in the Spanish acronym) – the body monitoring compliance with the rules of data protection within the Spanish territory; and other data protection agencies, autonomous, in the Autonomous Communities of Madrid, Catalonia and the Basque Country.
The Spanish Agency for Data Protection is the public law authority overseeing compliance with the legal provisions on the protection of personal data, enjoying as such an absolute independence from the Public Administration. The AEPD is of the understanding that its functions must always be conducted with a priority objective, that of guaranteeing the protection of individual rights.
The regulatory Standards are the Law 15/1999 of December 13, Protection of Personal Data and the Royal Decree 1720/2007 approving the Regulation implementing the Law 15/1999 of December 13.
The Organic Law15/1999 of December 13 is intended to guarantee and protect the public liberties and fundamental rights of natural persons and in particular their personal and family privacy, with regard to the processing of personal data.
This Organic Law shall govern any processing of personal data: when the processing is carried out on Spanish territory as part of the activities of an establishment belonging to the person responsible for the processing; when the person responsible for the processing is not established on Spanish territory but is subject to Spanish law pursuant to the norms of public international law and when the person responsible for the processing is not established on the territory of the European Union and is using for the processing means situated on Spanish territory, unless such means are used solely for transit purposes.
The Royal Decree 1720/2007 approving the Regulation implementing the Law 15/1999 of December 13 intended to have a wide scope indeed, provides in Article 1 that “[This Organic Law] is intended to guarantee and protect, with regard to the processing of personal data, the public liberties and fundamental rights of individuals, and in particular their honor and personal privacy”. It includes, therefore, automated and non-automated processing of personal data.
The Organic Act (LOPD) is the basis of the Spanish system for guaranteeing the right to protect personal data. The adequate compliance by all of the agents involved is an essential instrument for better protecting the rights of citizens.
I have not yet made use of the data protection legislation, but surely I will if it will be necessary.” – Ana Ionela Cristea – Barcelona, Spain