First code of conduct

First code of conduct approved by the AEPD

The AEPD has approved the first code of conduct, making use of its powers under articles 40 and 41 of the RGPD and 38 of the LOPD-GDD.

What does a Code of Conduct mean and what is it for?

A Code of Conduct on data protection, is a set of rules that help us on how to apply the provisions of the General Data Protection Regulation EU 2016/679 (hereinafter, GDPR) and the Organic Law 3/2018, on the Protection of Personal Data and guarantee of digital rights (hereinafter, LOPD-GDD).

These codes can be drawn up by associations and other bodies representing categories of controllers or processors, in accordance with Article 40 of the GDPR, and it is important to take into account the needs and characteristics of micro-enterprises and SMEs when drafting them.

The Codes of Conduct must be approved by the competent authority, and may be modified by the associations, according to new needs that arise. These Codes will be published by the AEPD.

Is compliance with these codes mandatory?

The answer is yes; compliance will be mandatory for those associations or organizations that have adhered to it, based on Article 40. 5 of the RGPD.

Who oversees compliance with the Codes of Conduct?

According to Article 41.1 of the GDPR, bodies shall be created that have the appropriate level of expertise in relation to the subject matter of the code and that have been previously accredited for this purpose by the competent supervisory authority, i.e. the AEPD.

The AEPD published the conditions to be met by these supervisory bodies in order to obtain their accreditation, which can be consulted at the following link: https://www.aepd.es/sites/default/files/2020-02/acreditacion-organismos-supervision-cc.pdf

First Code of Conduct approved by the AEPD

The first code of conduct approved by the AEPD corresponds to the “Code of Conduct on Data Processing in Advertising Activities”.

This Code is the result of the work carried out by the Association for the Self-Regulation of Commercial Communication (AUTOCONTROL), with the aim of establishing a system for processing consumer complaints on data protection and advertising, through the extrajudicial channel, being its characteristics the agility, efficiency and gratuity of the system.

With this Code, the AEPD has opened the Register of Codes of Conduct, with the aim of publicizing them, in compliance with the provisions of Articles 40.6 of the RGPD and 38.5 of the LOPDGDD.

In this Register it is also possible to consult, in addition to the full text of the Code of Conduct, the Resolution of approval and accreditation of the supervisory body.

If you are thinking of developing a Code of Conduct, Business Adapter® data protection in Valencia will help you in its drafting:

[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]CONTACT[/su_button]

Contact us, we will be pleased to help you.
error: Content is protected !!