AEPD (Spain) - PS/00257/2020
| AEPD - PS/00257/2020 | |
|---|---|
 | |
| Authority: | AEPD (Spain) |
| Jurisdiction: | Spain |
| Relevant Law: | Article 37 GDPR LOPDGDD |
| Type: | Investigation |
| Outcome: | Violation Found |
| Started: | |
| Decided: | |
| Published: | 11.01.2021 |
| Fine: | None |
| Parties: | Ayuntamiento de Arroyomolinos |
| National Case Number/Name: | PS/00257/2020 |
| European Case Law Identifier: | n/a |
| Appeal: | n/a |
| Original Language(s): | Spanish |
| Original Source: | AEPD (in ES) |
| Initial Contributor: | n/a |
The Spanish DPA (AEPD) issued a reprimand to the Spanish municipality Ayuntamiento de Arroyomolinos for lacking a DPO for more than two years after the entry into force of the GDPR.
English Summary
Facts
Ayuntamiento de Arroyomolinos was found lacking a DPO. The defendant has provided the measures it has in the meantime adopted: with a service contract from 28.09.2020 a DPO has been appointed.
Dispute
Was this municipality under the obligation of appointing a DPO?
Holding
The Spanish DPA recalled that the public administrations act as controllers for the processing of personal data and on some occasions as processors. As a result, they are subject to the GDPR and must fulfill all its obligations, including the obligation to appoint a data protection officer. This obligation had to be fulfilled starting from 28.05.2018, the date of entry into force of the GDPR. The Spanish DPA issued a reprimand to Ayuntamiento de Arroyomolinos for violating Article 37 GDPR. The reprimand was issued by virtue of the power conferred by Article 58(2)(b) GDPR.
Comment
Share your comments here!
Further Resources
Share blogs or news articles here!
English Machine Translation of the Decision
The decision below is a machine translation of the Spanish original. Please refer to the Spanish original for more details.
