{"version":"1.0","provider_name":"Ara Lleida","provider_url":"https:\/\/aralleida.cat\/en\/","author_name":"admin","author_url":"https:\/\/aralleida.cat\/en\/author\/frame_zesv7n2g\/","title":"Diputaci\u00f3 de Lleida Records of Personal Data Processing Activities","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"5HwjDI7F6e\"><a href=\"https:\/\/aralleida.cat\/en\/diputacio-de-lleida-records-of-personal-data-processing-activities\/\">Diputaci\u00f3 de Lleida Records of Personal Data Processing Activities<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/aralleida.cat\/en\/diputacio-de-lleida-records-of-personal-data-processing-activities\/embed\/#?secret=5HwjDI7F6e\" width=\"600\" height=\"338\" title=\"&#8220;Diputaci\u00f3 de Lleida Records of Personal Data Processing Activities&#8221; &#8212; Ara Lleida\" data-secret=\"5HwjDI7F6e\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/\/# sourceURL=https:\/\/aralleida.cat\/wp-includes\/js\/wp-embed.min.js\n\/* ]]> *\/\n<\/script>\n","description":"[vc_row][vc_column][vc_empty_space height=&#8221;30px&#8221;][vc_custom_heading source=&#8221;post_title&#8221; font_container=&#8221;tag:h1|text_align:left&#8221; use_theme_fonts=&#8221;yes&#8221; css=&#8221;&#8221;][vc_empty_space height=&#8221;30px&#8221;][vc_column_text css=&#8221;&#8221;] In accordance with Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), and with Organic Law 3\/2018, of 5 December, on data protection and the guarantee of digital rights (LOPDGDD), a proposal is made for the Diputaci\u00f3 de Lleida Records of Personal Data Processing Activities. Definitions and concepts &nbsp; WHAT IS PERSONAL DATA? Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is a person whose identity can be directly or indirectly established by means of an identifier such as a name, an identification number, location data, an online identifier and one or more elements of the person\u2019s physical, physiological, genetic, mental, economic, cultural or social identity (Source: Gu\u00eda Sectorial de la Asociaci\u00f3n Espa\u00f1ola de Protecci\u00f3n de Datos, \u201cProtecci\u00f3n de datos y Administraci\u00f3n Local\u201d). &nbsp; WHAT IS PERSONAL DATA PROCESSING? Any activity involving personal data constitutes data processing. Such activity may be carried out manually or automatically, with all or only some of the data. Thus it covers the collection, recording, organisation, structuring, storage, adaptation or modification, retrieval, consultation, use, communication by transmission, dissemination or any other form of providing access, collation or interconnection, restriction, deletion or destruction of data. In accordance with local government regulations, local authorities, and therefore Diputaci\u00f3 de Lleida, provide a number of public services relating to its different areas of competence or functions. In order to provide these public services, Diputaci\u00f3 de Lleida may request, collect, process and store users\u2019 personal data. This personal data can be processed by Diputaci\u00f3 de Lleida, in whole or in part, manually or automatically (Source: Gu\u00eda Sectorial de la Asociaci\u00f3n Espa\u00f1ola de Protecci\u00f3n de Datos, \u201cProtecci\u00f3n de datos y Administraci\u00f3n Local\u201d). &nbsp; PRINCIPLES OF PERSONAL DATA PROCESSING Articles 5 to 11 of the GDPR regulate the principles that must be observed and respected when processing the personal data of data subjects. These principles are: \u2013\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Lawfulness, fairness and transparency. Personal data must be processed in a lawful, fair and transparent manner in relation to the data subjects. \u2013\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Purpose limitation. Personal data will be collected for specified, explicit and legitimate purposes and may not be processed in a way that is incompatible with these purposes. Further data processing for the purposes of archiving in the public interest, scientific and historical research or for statistical purposes is not considered incompatible with the initial purposes. \u2013\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Data minimisation. Collected and\/or processed personal data must be adequate and relevant, and limited to the requirements of the purpose for which it is collected and\/or processed. \u2013\u00a0Accuracy.\u00a0Personal data must be accurate and, if necessary, updated. Reasonable technical measures must therefore be taken to delete or rectify data which is inaccurate in relation to the processing purposes. \u2013\u00a0Limitation of the storage period. Personal data must be stored in such a way as to permit identification of data subjects only for as long as required for the processing purposes. The exceptions mentioned under \u201cpurpose limitation\u201d are applicable to this point. \u2013\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Integrity, security and confidentiality.\u00a0Personal data must be processed in such a way as to ensure its integrity, security and confidentiality, including the protection of data from unauthorised or unlawful processing, destruction, manipulation or damage, by applying the necessary technical and organisational measures. \u2013\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Proactive accountability. As a guiding principle for all the above, the data controller is responsible for ensuring compliance with these principles and must also be able to provide clear evidence of this compliance. &nbsp; THE DATA CONTROLLER Diputaci\u00f3 de Lleida is responsible for processing this data (Articles 24 to 27 of the GDPR) and, therefore, for ensuring compliance with the obligations arising from current personal data protection regulations and for adopting the appropriate technical and organisational measures for their implementation. &nbsp; DATA CONTROLLER Diputaci\u00f3 de Lleida Carrer Carme, 26 25007 Lleida https:\/\/wwwdiputaciolleida.cat\/contacte &nbsp; THE DATA PROTECTION OFFICER Articles 37, 38 and 39 of the GDPR introduce the data protection officer (DPO) as a mandatory role for government authorities; therefore, all local government bodies are also required to appoint one. The European regulation states that the data protection officer must be a person with specialised legal and practical knowledge of data protection. This knowledge is required in relation to processing and the obligatory measures guaranteeing the adequacy of the personal data processing for which Diputaci\u00f3 de Lleida is responsible. Diputaci\u00f3 de Lleida appointed the data protection officer, with the functions of GDPR Article 39, through Decree No. 586, of 13 March 2020. DATA PROTECTION OFFICER Diputaci\u00f3 de Lleida\u00a0 Carrer Carme, 26 25007 Lleida dpd@diputaciolleida.cat &nbsp; THE RECORDS OF PROCESSING ACTIVITIES (RPAs) Article 30.1 of the GDPR states that local authority data controllers and processors must create and maintain the written record of processing activities, including in electronic form. These records must be available to the supervisory authority and must include: Contact details of the data controller. Contact details of the data protection officer. The purpose of processing. Categories of personal data. Categories of data subjects. Technical and organisational security measures. Categories of recipients. International transfers and, where possible, the time limits established for deleting the different data categories. To identify the Diputaci\u00f3 de Lleida processing activities, we have taken into account its areas of competence and previous personal data files, as well as corporate and online office procedures. &nbsp; Diputaci\u00f3 de Lleida Records of Processing Activities (RPAs) Compliance with Article 30 of Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and Article 31 of Organic Law 3\/2018, of 5 December, on data protection and the guarantee of digital rights. Version in force as from:\u00a0\u00a0\u00a0\u00a0\u00a0 04 December 2020\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0approval: Decree No. 2020\/3448 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0dated 03 December 2020 Data controller Diputaci\u00f3 de Lleida Contact"}