Community fined for non-compliance with data protection laws

Data protection in the Communities

The fine imposed on a Community for non-compliance with data protection regulations raises numerous doubts.

The current Data Protection Regulation does not establish limitations to the Communities of owners, on the personal data that can be treated (name and surname, ID number, telephone, address, email, etc.), to avoid sanctions, but what is a reality is that the communities of owners must adapt to the European Data Protection Regulation(RGPD) and the Spanish Data Protection Law(LOPD-GDD), to avoid them.

Data protection fines to Communities

In order to understand the importance of the implementation of protocols and security measures required by the current regulations, we will discuss a real example of a sanction (sanctioning procedure number 00378/2019), in which the Spanish Data Protection Agency (AEPD) imposed a fine of 15,000 00378/2019), in which the Spanish Data Protection Agency(AEPD) imposed a fine of 15,000 € to a Community of Owners.

The sanction is imposed on the Community, after having been denounced by one of the neighbors after having been published in the elevator of the community, a minutes of neighborhood meeting, with data of several neighbors that made them identifiable.

In this Act, it was agreed to take legal action against several neighbors for alleged illegal works.

To be taken into account in the Communities

The sanction of the AEPD is based on the breach of Article 5.1 f) of the RGPD, since the actions of the Community of owners violated the principle of integrity and confidentiality of the personal data of the neighbors contained in the published minutes, with the aggravating factor of being visible to anyone who used the elevator of the community, whether or not a neighbor of the community.

Horizontal Property Law

The Communities of owners are subject to the Law 9/1960, of July 21, on horizontal property, which regulates the granting of its Deed of Horizontal Division until the extinction of this, the appointment of positions, the convening and holding of neighborhood meetings, procedures to reach agreements, how to deal with common expenses, etc….

It is true that posting on the bulletin board is necessary, but complying with this premise does not exempt from other obligations, such as ensuring that these publications protect the rights of neighbors, and one of the measures that could be used would be anonymization.

Expert advice

This is an example of how a Community can breach the Data Protection Law and be penalized for it, but having all the assumptions covered requires expert advice.

Business Adapter® data protection Valencia, helps homeowners’ associations to comply with the RGPD and the LOPD-GDD.

[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Request a quote[/su_button]

Contact us, we will be pleased to help you.
error: Content is protected !!