Data Protection Act

The Data Protection Act (LOPD) requires all organizations, companies and institutions to ensure the security of personal data stored in that process and information systems and classifies these data into 3 levels of security (basic, medium and high). It imposes a series of backup obligations for each level, from ensuring the restoration of data before the loss to having remote backup.

What kind of information does you company handle and store? BASIC MEDIUM HIGH
Files with personal data
Files containing data relating to the commission of administrative or criminal offences.
Files containing data on Treasury.
Files containing data on Financial Services.
Files containing data on solvency and credit.
Files containing data related mainly to ideology, race, health beliefs, trade union affiliation, religion and sex.
What does Yildun Cloud Backup provide you with? BASIC MEDIUM HIGH
Notice: Undefined offset: 175 in /var/www/yildun_cloud/yildunLOPD.php on line 105
They must guarantee data restoration before the time when the loss occurs (Art.94.2). RESTORATION. Even to previous points in time.
Making backup copies on, at least, a weekly basis (Art.94.1). SCHEDULED BACKUPS. Yes, automatic backup, which can be programmed with the desired frequency.
Necessary authorization for the execution of data restoration procedures (Art.101.2). AUTHORIZED ACCESS ONLY. Backups are stored with encryption and you need the key (known only to the user) to retrieve any kind of information.
External storage of backups and data restoration procedures (Art.102). SECURE EXTERNAL STORAGE. In a DPC in accordance with regulations.

You must make remote backups if...

If your company belongs to the sector of... If you are... If you handle and store high level information. For example:
TRAINING Training Center Confessional college. Information on the family estate, personal income, race and religion to perform enrolments.
HEALTH Self-help association: medical center, beauty salon, dental clinic, fertility clinic. Center performing physical exams (sports center, sports club, gym, spa). Psychological/Psychiatric consultation. Insurance company Hospital laboratory. Medical history, understood as 'personal data concerning health', 'information concerning the past, present and future physical or mental health of an individual', concerning an individual in good health, ill or deceased. 'These data also include information relating to alcohol or drug use'.
SERVICES Legal, labor, accounting advice, auditing. Banking. Consulting market research, statistics, telemarketing and insurance brokerage. ETT or HR consultant. Organization of employment for disabled people. Information provided by clients relating to:
  • Ideology and beliefs: donations to the Catholic Church, membership of political parties, trade unions.
  • Health: registrations and de-registrations, handicap. Records on occupational disease, records on occupational accidents, recognition of disability, etc.
  • Records on requests for aid and subsidies containing data related to ideology, race, health beliefs, trade union affiliation, religion and sex.
PUBLIC SECTOR Administrative Agency or Public Body: City Hall, Council, Regional Government, INSS (National Institute of SS), TGSS (General Treasury of the Social Security), INEM (National Employment Institute), etc.
LEISURE Armory Sports Club. Dating Agency. Hotel with special services for the disabled. Health Certificates for gun permits (psychological testing, physical exams, etc.). DB of clients with data on health, race, capital gains, etc.
OTHERS Political party. Religious center. Trade union. Data on affiliation with groups that contain information about ideology, religion, and union membership.