A few days ago I had an interesting conversation with Eric, an expert in the Data Protection Act. We discussed the most common arguments used by “business savvy” in order to get a client to accept an adjustment of their treatment of personal data. After the conversation a question was “hit in the head.” Is it worth it?. In my years on the Law deeper reasoning I have known each more surprising: Penalties: Using the fear that customers can be fined up to 600,000 . Though it is true, this is one of the more vague arguments I have heard and also the most used. Inspections: Make believe that the AEPD is sending inspectors by companies becoming more common and as random can be visited soon and do not comply with the Data Protection Act will be fined.
As far as I know, the only acting AEPD office to check the degree of compliance of a particular business sector or on complaint by an affected. Company authorized and certificates: sold as a company approved by the AEPD own and issue certificates of appropriateness. The AEPD is not a certifying body approved nor and so far has not reached official certificates with any private entity or individual. Nor does it require the approved title for the provision of advice on data protection. These certificates have no value, nor for anything by the AEPD. Hopefully this will change in the near future, but right now anyone could make an adjustment to the Data Protection Act and is the responsibility of customers to choose a professional in the field.