DATA PROTECTION AND ERTES

Data Protection and the application of the ERTES

Data Protection and and the application of ERTES (Expediente de Regulación Temporal de Empleo) are the order of the day, due to the current circumstances.

Our headquarters in Valencia has received inquiries related to this topic that we will analyze.

In an irremediable way, there are entities that are forced to take the ERTE as the temporary solution for the survival of their companies and the jobs of their employees.

The first thing to remember for those who process personal data as a result of their professional and business activity is that the decision of an ERTE implies compliance with all the legal rules to which it is subject. decision of an ERTE implies compliance with all those legal rules to which it is subject.

This is the case with the European Data Protection Regulation (RGPD) and the Organic Law on Data Protection(LOPD-GDD), which must be complied with, even in exceptional situations such as those of COVID-19.

ERTES must meet specific requirements in order for employers to be able to apply for this measure.

Causes for requesting an ERTE:

-Major force: loss of activity

-Organizational, production or technical: when there are changes in the forms of organization in companies, demand for products or means of production.

-Economic: negative economic situation.

Types of measures that may result from an ERTE:

-Suspension of temporary labor contracts

-Temporary reduction of working hours

The rights of workers during the implementation of an ERTE are as follows:

-Collection of unemployment benefits

-Once the ERTE has ended and the company has resumed its activity, employment will be maintained for at least 6 months.

Risks in an ERTE with respect to data protection

The main risk is to violate one of the principles governing data protection: DATA MINIMIZATION.

In other words, the personal data collected for the implementation of an ERTE must be adequate, relevant and limited to what is necessary for the purposes for which they are processed (art. 5.1.c) RGPD and 4 LOPD-GDD).

However, this is not the only point to be taken into account in an ERTE; data protection must continue as it was prior to the extraordinary labor measures.

Therefore, all the obligations of the Data Protection Regulations (LOPD-GDD and the RGPD), since the ERTE, as its name indicates, is a temporary circumstance.

Data Protection Obligations

Companies must continue to comply:

-Maintaining your security measures against security breaches.

Data protection training courses

-Forms for employees and the general public to exercise their rights.

-Active and available, as well as documents relating to special categories of data

-Update of the Impact Assessments

Internal and external data protection internal and external.

In short, all the obligations that a company has under the Data Protection Act.

Data Protection Sanctions

The Spanish Data Protection Agency (AEPD) has already ruled on this issue at other times, such as in Resolution R/00597/2018.

In this case, the implementation of an ERTE in the Palma de Mallorca airport delegation was carried out without complying with the Data Protection Law.

The supervisory authority fined the company 15,000 euros for non-compliance with the data minimization principle.

In the hands of expert Data Protection Consultants

If your company has implemented an ERTE or is in the process of applying for one, you can contact Business Adapter for advice on data protection compliance.

Business Adapter is an expert data protection consultancy in Valencia. Contact us at info@businessadapter.es or at 961318804.

Legal Department – Business Adapter®

Contact us, we will be pleased to help you.
error: Content is protected !!