These services are usually configured through a complex structure of subcontracting or even resale of service, so, although you sign with a Spanish company, or European, the service is It lends itself effectively in other countries. This structure is to be legal, client should expressly authorize the provider so that it can legally outsource the provision of the service, and should Outsourcing involves an international transfer, it is necessary to provide the service of all the guarantees required by the regulations. Additional information is available at Jay Schwartz Attorney. As a novelty, the Agency has decided to more flexible criterion that had maintained previously for subcontracting with international transfer. To date, was the client, responsible for a file who should sign contracts and to the Agency the authorization for the international transfer (either by itself or through a power of Attorney in favour of the vendor). I.e., in general, if a client hired a service with a Spanish supplier, and it wanted to subcontract with a company in Morocco, it was necessary that customer directly (or by representation) to sign with the company of Morocco, and requested authorization from the Director of the Agency. The Agency has restated this criterion, and it has elaborated a clauses type to allow providers (responsible of the treatment) may be exporting personal data. However, this does not ceases to be a transfer of responsibility for something that is not going to be able to meet (by what we saw in the first point) on many occasions. Leaving aside the issue of accommodation in the cloud, arose some other topics of interest: proceeded to the 2011 data protection awards. Speaking candidly Anna- Belknap told us the story.
Expectation on decision of the Supreme Court with regard to the resolution of the Court of Justice of the European Union, by which Spain would have incorrectly transposed the data protection directive; in particular, as regards the use of personal data without consent of those affected. Excitement over the imminent amendment of European legislation on data protection. Abandonment of the criterion for the minimum penalty in each scale of infringement. Traditionally, the Agency always has been imposing minimum penalties within the corresponding scale in each case (currently, 900 euros for minor offenses; 40,000 euros to 300,000 euros for the very serious and serious;). The Agency has already warned that this criterion is going to cease to apply, which will give greater weight to the aggravating circumstances in each situation under the current sanctions regime. Against the usual criterion of the Agency, in the presentation are admitted as valid the possibility to redirect to a web page to comply with the duty of information.
However, everything seems to point to that it of a typo, or a really halfway, because the foundations of most of the resolutions, justify that this cannot be, since access to the Internet in Spain, barely touches 50% of implantation. As in previous years, all the documentation of the Conference will be published in the coming days through the website of the Agency (www.agpd.es). At the moment we have to settle for this video of awareness, who managed to draw more than one smile. Audea Jose Carlos Moratilla Department right ICT information security