-
Determining the necessary guarantees and appropriate measures for the protection of
personal data;
-
carrying out, through sworn officers, audits on all personal data processing;
-
imposing administrative and pecuniary penalties against persons responsible for the
processing who fail to comply with the provisions of this Law;
-
Updating and making available for public consultation a directory of personal data processing;
-
Consulting people and organizations that process personal data or carry out or tests or make
experiences in the matter;
-
giving its opinion on any legal bill in relation to the protection of freedom and privacy;
-
Developing guidelines for the processing and protection of personal data;
-
participating in scientific research, training and study in relation to the protection of personal
data, and in general, freedoms and privacy;
-
authorizing certain conditions set by decree of the Cabinet Meeting cross-border transfers of
personal data ;
-
making proposals likely to simplify and improve the legislative and regulatory framework
governing the processing of personal data ;
-
establishing mechanisms of cooperation with the bodies in charge of protecting personal data
from other countries;
-
participating in international negotiations on the protection of personal data ;
-
Establishing and implementing an annual activity report to the President of the Republic and
President of the National Assembly.
Art 48 – the cryptologic service provider cannot object the Protection Body, professional
secrecy to which it is submitted in accordance with legal and contractual provisions.
The person responsible for the processing acting in the course of performing his/her duties
cannot object the Protection Body of professional secrecy to which it is subject .
Art 49 – The Protection Body may impose in respect of person responsible for processing the
following measures:
-
A warning to the person responsible for processing who fails to comply with obligations under
this Law;
-
A formal notice to stop the deficiencies observed in the specified time.
Art 50 – when the implementation a personal data processing leads to a violation of human
freedoms the Protection Body after an adversarial procedure , shall decide the:
-
Interruption of the implementation of the processing;
-
locking of some personal data processed;