Legal notice

This is a web site that the Síndic de Greuges de Catalunya has made available to the users of Internet. Its objective is to facilitate access to the services and information of the institution, while projecting the Síndic, the people’s advocate, and his activity.

The web site and its contents, including the texts, pictures, sound, databases and any other material, are property of the Síndic de Greuges de Catalunya, of organizations associated with this institutions or third parties who have authorized their use.

All rights of this web site are reserved. Modification of the web site or its content is not permitted.

The Catalan Ombudsman will strictly comply with the regulations in force at all times regarding the protection of personal data and will adopt the legally enforceable measures for the protection of the personal data of the users, in order to preserve their privacy and confidentiality. In this regard, on the Ombudsman’s electronic office you may find the forms available to people who want to access their data, rectify them, delete them, request their portability, oppose to their treatment or request the limitation on any personal data. Likewise, and in accordance with Instruction 1/2009, of February 10, on the processing of personal data by means of cameras for video surveillance purposes, and Regulation 2016/679 of the European Parliament and the Council, of 27 February In April 2016, regarding the protection of individuals with regard to the processing of personal data and the free movement of these data, we inform you that:

1. If you access the premises of the Ombudsman, since there isa videosurveillance system, your data will be included in the file of videosurveillance, which the Ombudsman of Cataloniais responsible for.

2. The purpose of the file is to ensure the safety of the property and premises of the Ombudsman, which areprovided with a videosurveillance system, and the safety of the people accessing it.

3. Data may be transferred to the security forces and, in accordance with Article 4 of the Organic Law 2/1986, of 13thMarch, of security forces, with the aim of investigating acts that have been recorded in the field of vision of the videosurveillance system.

The administrative information provided through this web site does not supplant the legal publicity of the laws, general provisions and records that must be formally published in the Official Bulletin of the Generalitat and other official bulletins, which are the only instrument that certifies their authenticity and content.

The Síndic de Greuges de Catalunya is not responsible for the content, accuracy or currentness of the information proceeding from other natural or legal persons that is featured on this web site, or which is referred to through links to external systems.

The Síndic de Greuges de Catalunya does not guarantee that the web site and server are free from viruses, and is not responsible for the damages caused by the access to the web site or the impossibility of accessing it.

Under no circumstances will cookies or other possible like devices be used to store information that facilitates the identification of the natural person visiting the web site.

Cookies Policy

Functions of Data Protection Officer (PPO)

The functions of Data Protection Officer (PPO) are regulated in article 39 of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 (RGPD):

The data protection officer  (DPO) shall have at least the following tasks:

  • To inform and advise the controller or the processor and the employees who carry out processing of their obligations pursuant to GDPR and other provisions.
  • To monitor compliance with this Regulation, with other data protection provisions and with the policies of the controller or processor in relation to the protection of personal data.
  • To monitor the assignment of responsibilities in relation to the protection of personal data.
  • To monitor the awareness-raising in relation to the protection of personal data.
  • To monitor training of staff involved in processing operations.
  • To monitor the related audits on data protection.
  • To provide advice where requested as regards the data protection impact assessment.
  • To monitor its performace pursuant to Article 35 (data protection impact assessment).
  • To cooperate with the supervisory authority.
  • To act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter.       

As a part of the tasks of monitoring the compliance of data processing with the regulations, the DPO may also:

  • Gather information to determine the processing operations.
  • Analyse and assess the compliance with the Regulation of data processing operations.
  • To inform and advise the controller or the processor and issue recommendations.

The DPO shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing. 

People concerned may contact the DPO in relation to all questions related to the processing of their personal data and to exercise their rights, in accordance with the GDPR.

The DPO shall be bound by secrecy or confidentiality concerning the performance of his or her tasks throughout the entire duration of his o her professional relationship.

Likewise, they are bound secrecy or confidentiality regarding the data, although the contractual relationship with the controller has been extinguished, in accordance with article 10 of Spanish Organic Law 15/1999, of December 13, of personal data protection.