Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
1
Information on applicable data protection rules in the countries participating in BRIS
The information below has been provided by the countries participating in BRIS in relation to the following questions:
Question 1: For how long is the information filed by companies made available in the business register? What are the national rules in this regard?
Question 2: Who is the national data controller responsible for the information made available in the business register(s) of your Member State? In other words, who should data
subjects contact in your Member State for the effective exercise of their rights to information, to access, to rectify and to object according to the applicable data protection legislation?
Question 3: Please provide the privacy statement that you currently apply on your business registers.
Country Question 1 Question 2 Question 3
Austria Information not available Information not available Information not available
Belgium Wat betreft rechtspersonen worden
de gegevens gedurende dertig jaar in
het register bewaard te rekenen van
de dag van verlies van de
rechtspersoonlijkheid.
Regarding legal persons the
information is kept in the register for
thirty years starting from the day the
legal person loses its legal
personality.
Commission for the protection of privacy
Rue de la Presse 35, 1000 Brussels
Tel: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35
E-mail: [email protected]
https://www.privacycommission.be/en/
There is currently no specific privacy statement on our register
website.
Bulgaria The information filed by companies
is available without a time limit.
The Bulgarian business register is hosted by
the Registry agency.
Агенция по вписванията (Registry agency)
1111 София, ул. Елисавета Багряна № 20
(20 Elisaveta Bagryana str., 1111 Sofia)
www.registryagency.bg
The Bulgarian Business Register does not currently apply an
explicit privacy statement. The matter is regulated by the national
legislation.
Croatia Information (active and deleted) are
available permanently in the court
register. (In the Republic of Croatia
there is no business register - there is
a court register, a craft register and
National data controller:
Croatian Personal Data Protection Agency
Fra Grge Martića 14, HR - 10 000 Zagreb
N/A
2
Country Question 1 Question 2 Question 3
several other registers for
associations). Tel.00385 (0)1 4609-000
Fax 00385 (0)1 4609-099
E-mail: [email protected]
http://www.azop.hr
Cyprus There is specific legislative provision
(section 327 Companies Law,
Cap.113) for the retention of
company data for 20 years. This is
because de registered companies can
be brought back within this specific
time period.
The national data controller responsible for
the information made available in the
business register of Cyprus is:
The Registrar of Companies and Official
Receiver
Corner Makariou III Avenue and
Karpenisiou Street
''XENIOS'' Building, 7th Floor, Office No.
701
1427 Nicosia
Tel. +357 22404301-302
E – mail: [email protected]
www.mcit.gov.cy/drcor
At present there are no concrete measures for privacy statement
for our business registers.
Czech
Republic
All information is made available
indefinitely. Our IS contains a valid /
current listing and also a complete
listing of data, that is all historical
data about that company.
The IS administrator is the Ministry of
Justice, and the regional courts are
responsible for the accuracy of the data.
Ochrana osobních údajů
Povinně zveřejňované údaje týkající se zpracování osobních údajů
při vedení obchodního rejstříku.
Dle zákona č. 101/2000 Sb. (§ 18 odst. 1, písm. b), o ochraně
osobních údajů, není Ministerstvo spravedlnosti ČR jako správce
obchodního rejstříku povinno podat Úřadu pro ochranu osobních
údajů oznámení o zpracování osobních údajů, neboť povinnost
zpracovávat osobní údaje vznikla na základě zvláštního zákona č.
513/1991Sb., obchodní zákoník, ve znění pozdějších předpisů.
Zákon o ochraně osobních údajů v tomto případě stanoví (§ 18
odst. 2), že informace týkající se zpracování osobních údajů
(zejména účel zpracování, kategorie osobních údajů, kategorie
3
Country Question 1 Question 2 Question 3
subjektů údajů a další, viz níže) musí být zveřejněny.
Identifikační údaje správce osobních údajů:
Ministerstvo spravedlnosti
Vyšehradská 16
128 10 Praha 2
IČ 00025429
Účel zpracování:
- zákon č. 513/1991Sb., obchodní zákoník ve znění pozdějších
předpisů určuje povinnost zapisovat informaci rejstříkovými
soudy do obchodního rejstříku
- Obchodní rejstřík zajišťuje vedení registru samostatně
podnikajících fyzických osob,veřejných obchodních společností,
komanditních společností, společností s ručením omezeným,
akciových společností, státních podniků, družstev, organizačních
složek tuzemských i zahraničních organizací a dalších subjektů.
Kategorie subjektů údajů:
- subjekty zapsané v obchodním rejstříku dle zákona č. 513/1991
Sb., obchodní zákoník ve znění pozdějších předpisů
Kategorie osobních údajů:
- v § 35 a § 36 zákona č. 513/1991 Sb., obchodní zákoník ve znění
pozdějších předpisů jsou uvedeny údaje, které se zapisují do
obchodního rejstříku
- údaje o firmě, jménu nebo názvu, sídle nebo místu podnikání a
identifikačním čísle osoby (dále jen „identifikační číslo“);
Rozsah zpracovávaných údajů:
- u právnických osob sídlo,
- u fyzických osob bydliště a místo podnikání, liší-li se od
bydliště,
4
Country Question 1 Question 2 Question 3
- předmět podnikání (činnosti),
- právní forma právnické osoby,
- u fyzické osoby rodné číslo nebo datum jejího narození, nebylo-
li jí rodné číslo přiděleno,
- identifikační číslo, které podnikateli přidělí rejstříkový soud;
potřebná identifikační čísla poskytne rejstříkovému soudu správce
základního registru osob 2a),
- jméno a bydliště nebo firma a sídlo osoby, která je statutárním
orgánem právnické osoby nebo jeho členem, s uvedením způsobu,
jak jménem právnické osoby jedná, a den vzniku a zániku její
funkce; je-li statutárním orgánem nebo jeho členem právnická
osoba, též jméno a bydliště osob, které jsou jejím statutárním
orgánem nebo jeho členem,
- jméno a bydliště prokuristy, jakož i způsob, jakým jedná,
- u právnické osoby identifikační číslo, pokud jí bylo přiděleno,
- další skutečnosti, o kterých to stanoví právní předpis.
Zdroje osobních údajů:
Rejstříkové soudy:
- Městský soud v Praze, Krajský soud v Českých Budějovicích,
Krajský soud v Plzni, Krajský soud v Plzni - pobočka Karlovy
Vary, Krajský soud v Ústí nad Labem, Krajský soud v Ústí nad
Labem - pobočka Liberec, Krajský soud v Hradci Králové,
Krajský soud v Hradci Králové - pobočka Pardubice, Krajský
soud v Brně, Krajský soud v Ostravě, Krajský soud v Ostravě -
pobočka Olomouc
Popis způsobu zpracování osobních údajů:
- automatizované zpracování
Místo zpracování osobních údajů:
Ministerstvo spravedlnosti ČR
Vyšehradská 16
5
Country Question 1 Question 2 Question 3
128 10 Praha 2
Příjemce nebo kategorie příjemců:
- uživatelé internet
Popis opatření k zajištění požadované ochrany osobních údajů
podle § 13 zákona č.
101/2000 Sb.:
- na základě § 28 zákona č. 513/1991Sb., obchodní zákoník ve
znění pozdějších předpisů - obchodní rejstřík je každému
přístupný. Každý do něj může nahlížet a pořizovat si z něj kopie či
výpisy.
Denmark In general information is made
available indefinitely. The personal
data ceases to be updated 10 years
after a person has ceased to be active
in a company registered with the
DBA.
The national data controller according to
Directive 95/46/EC art. 2(d) is the Danish
Data Protection Agency.
The text according to Directive 2012/17/EU art. 3(3) is as follows,
in Danish:
"Hvornår kan der støttes ret på de registrerede oplysninger?
Selskabslovens § 14 implementerer 1. selskabsdirektivs artikel 3 i
dansk selskabsret og beskriver, hvorledes der kan støttes ret på
registrerede oplysninger. Af selskabslovens § 14 fremgår:
”Oplysninger, der er offentliggjort i Erhvervsstyrelsens it-system,
anses for at være kommet til tredjemands kendskab. 1. pkt. finder
dog ikke anvendelse på dispositioner, der er foretaget senest den
16. dag efter offentliggørelsen, såfremt det bevises, at tredjemand
ikke kunne have haft kendskab til det offentliggjorte forhold.
Så længe offentliggørelse i Erhvervsstyrelsens it-system ikke har
fundet sted, kan forhold, der skal registreres og offentliggøres,
ikke gøres gældende mod tredjemand, medmindre det bevises, at
denne har haft kendskab hertil. Den omstændighed, at et sådant
forhold endnu ikke er offentliggjort, hindrer ikke tredjemand i at
gøre forholdet gældende.”
Ansvar for rigtigheden af de registrerede oplysninger
Anmelder har ansvaret for rigtigheden af de anmeldte oplysninger,
jf. anmeldelsesbekendtgørelsen § 8 samt selskabslovens § 15, stk.
2. Anmelder kan ifalde strafansvar, såfremt anmeldelsen ikke er
6
Country Question 1 Question 2 Question 3
lovligt foretaget eller de anmeldte oplysninger ikke er korrekte.
Erhvervsstyrelsen efterprøver ikke rigtigheden af de anmeldte
oplysninger, men registrerer oplysninger, som de er anmeldt.
Dette gælder, hvad enten der er tale om en manuel registrering
eller en selvregistrering foretaget via Virk.dk.
Erhvervsstyrelsen kan være erstatningsansvarlig for brug af
registrerede oplysninger eller dokumenter, som er fejlagtige som
følge af styrelsens forhold, herunder fejl i sagsbehandlingen."
7
Country Question 1 Question 2 Question 3
Estonia The National Archives of Estonia has
given most of the data (registry card
and business files) permanent
conservation value. The data and
files of permanent conservation value
shall be transferred to a public
archive by electronic means if
technically possible, after the
company is struck off from the
register.
The commercial register is maintained by the
registration department of Tartu County
Court.
Registration Department of Tartu County
Court
Pikk 32
44307, Rakvere
Estonia
Phone: +372 601 1166
E-mail: [email protected]
There is no specific privacy statement applicable for the data
processing in the commercial register. Data processing in the
commercial register is regulated by specific provisions (sections
22–71) of the Commercial Code. Concerning the personal data
processing in the commercial register, the provisions of the
Personal Data Protection Act also apply.
A data subject has a right of recourse to the Data Protection
Inspectorate or a court if the data subject finds that his or her
rights are violated in the processing of personal data (Personal
Data Protection Act section 22).
Estonian Data Protection Inspectorate
Väike-Ameerika 19
10129, Tallinn
Estonia
Phone: +372 627 4135
E-mail: [email protected]
http://www.aki.ee/en
Commercial Code:
https://www.riigiteataja.ee/en/eli/513072016002/consolide
Personal Data Protection Act:
https://www.riigiteataja.ee/en/eli/507032016001/consolide
8
Country Question 1 Question 2 Question 3
Finland After information is provided to the
register it will be available forever.
Information regarding old, liquidated
/ deregistered companies may not be
available in the electronic register but
information is stored to the National
Archives of Finland.
Finnish Patent and Registration Office
Arkadiankatu 6 A, Helsinki
P.O. Box 1140, FI-00101 Helsinki, Finland
Telephone exchange: +358 29 509 5000
https://www.prh.fi/en/index.html
Trade Register Information Services
https://www.prh.fi/en/kaupparekisteri/tietopal
velut.html
Online information service, Virre:
https://virre.prh.fi/novus/home?execution=e1
s1
Privacy statement from Trade Register:
In Finnish:
https://www.prh.fi/stc/attachments/rekisteri-
_ja_tietosuojaselosteet/kaupparekisteri_tietosuojaseloste.pdf
In English:
https://www.prh.fi/stc/attachments/rekisteri-
_ja_tietosuojaselosteet/englanti/kaupparekisteri_eng_tietosuojasel
oste.pdf
Privacy statement from Business Information System (YTJ):
In Finnish:
https://www.ytj.fi/stc/attachments/rekisteriselosteet_0/ytj_rekisteri
seloste.pdf
In English:
https://www.ytj.fi/stc/attachments/rekisteriselosteet_0/bis_descript
ion.pdf
France Information not available Information not available Information not available
9
Country Question 1 Question 2 Question 3
Germany The registers maintain information
without a time limit and the
information remains accessible even
after a company is dissolved or
struck off. If a company is struck off,
the filed documents will be deleted
after ten years.
For the Handelsregisterportal (Common
Register Portal of the German federal states):
Die Landesbeauftragte für Datenschutz und
Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2 – 4
40213 Düsseldorf
Telefon: +49 (0)211/38424-0
E-Mail: [email protected]
https://www.ldi.nrw.de
For the federal Business Register
(Unternehmensregister):
Die Bundesbeauftragte für den Datenschutz
und die Informationsfreiheit
Husarenstraße 30
53117 Bonn
Telefon: +49 (0)228-997799-0
E-Mail: [email protected]
https://www.bfdi.bund.de
This is the privacy statement from the website
"www.handelsregister.de" (joint online-platform organized by the
German federal states for information of the commercial registers
(Handelsregister)):
"Privacy Statement
When you visit our online presentation we will save the following
records:
name of the requested file,
date and time of request,
amount of data transferred,
error state, and
IP-address of the person who made a request.
Six weeks after a request has been made by a visitor the collected
data will be converted into anonymous information by erasing the
IP address in each data file. The collected data will be used only
for statistical purposes. Neither this data nor any parts thereof will
be passed on to any third party. No alignment with any of the
already existing records will be done.
If the user is being offered to enter personal or business-related
data (e-mail addresses, names, postal addresses) anywhere within
this online presentation, this information shall be disclosed
exclusively on an expressly voluntary basis. Here, too, your data
will be treated as strictly confidential and shall not be passed on to
any third party. The website of the German federal justice
ministry does not employ cookies. No other techniques are applied
either that allow to trace the access data of internet users visiting
the web site."
The privacy statement on the Website of the federal Business
Register "www.unternehmensregister.de" can be found under the
following link:
https://www.unternehmensregister.de/ureg/datenschutz.html?sub
mitaction=language&language=en
10
Country Question 1 Question 2 Question 3
Greece Information not available Information not available Information not available
Hungary The company documents and data
are stored for always.
Company registration (amendment
notification) proceedings are non-contentious
proceedings in the first and second instance,
carried out by way of electronic means to
which the provisions of Act III of 1952 on
the Code of Civil Procedure (hereinafter
referred to as CPC) shall apply, unless
otherwise provided for in this Act;
adjournments.
The company register is kept by the company
court.
http://birosag.hu/torvenyszekek/cegbirosagok
We haven't any privacy statement for our business register. The
company date are fully public.
Iceland Information not available Information not available Information not available
Ireland The Information filed by companies
is always available as long as the
company exists, and information is
available for up to twenty years (20)
in the case of all companies which
are dissolved.
The Companies Registration Office is an
organization that only carries out processing
to keep, in accordance with the law, a register
that is intended to provide information to the
public and is therefore exempt from the
requirement to specify a Data Controller
under the Data Protection Acts 1988 and
2003.
Please find the included Companies Registration Office Privacy
Statement
https://www.cro.ie/About-CRO/Website-Privacy-and-Security-
Statement
11
Country Question 1 Question 2 Question 3
Italy The Italian business register is a
public register providing data
disclosure on companies, accessible
to both members and third parties for
the necessary safeguards and
protection of their interests. The
Italian regulation does not prescribe a
time limit for the data published in
the business register.
Each Chamber of Commerce is responsible
for running the local office of the business
register and each local office of the business
register is the data controller for the
companies whose location is specified in the
particulars available through BRIS. The
contact information of the local office of the
business register can be obtained via their
Chamber of Commerce website, each
available at the following web address:
www.camcom.gov.it (selecting the name of
the Chamber of Commerce).
I dati sono raccolti dalla Camera di Commercio competente a
mezzo del sistema informativo messo a disposizione dalla società
consortile InfoCamere in base alle norme ed ai regolamenti che ne
prevedono la comunicazione alla stessa. Le finalità del trattamento
dei dati, pertanto, sono quelle definite nelle leggi e nei
regolamenti che ne disciplinano l’attività (in particolare l'articolo
8 della Legge n. 580/1993 e s.m.i. ed il relativo regolamento
attuativo, oltre che il codice per la tutela dei dati personali, il
D.Lgs n. 196/2003 e s.m.i.), e che sono necessarie per il corretto
svolgimento dell’azione istituzionale esercitata dalla Camera di
Commercio. I dati raccolti sono inseriti in un’apposita banca dati
al fine di consentirne la fruizione in via telematica al pubblico.
Latvia It is not specified in the legal acts for
how long the Enterprise Register
shall maintain the entries made in the
public registers. Thus all entries are
kept forever, even after the legal
person, about whom the entries are
made, is striked – off the register.
Documents submitted to justify the
entries made are kept for ten years
after legal person is striked – off.
After that these documents shall be
deposited to National Archives of
Latvia in procedure stipulated by the
Law on Archives.
The national data controller responsible for
the information made available in the
business is
The Enterprise Register of the Republic of
Latvia
Pērses iela 2, Rīga, LV – 1011
e-mail: [email protected]
Personal data processing framework is set in the Law "On the
Enterprise Register of the Republic of Latvia" and in the laws and
regulations governing the registration of legal entities and legal
facts. Authorities processes personal data only on the basis of laws
and regulations of the Republic of Latvia - Enterprise Register of
the Republic of Latvia can't accept a binding privacy statement.
Liechtenstein Information not available Information not available Information not available
12
Country Question 1 Question 2 Question 3
Lithuania Under the Article 2.64 of the Civil
Code of the Republic of Lithuania a
legal entity must be registered within
3 working days from the day on
which all documents listed in
Paragraph 2 of the given Article are
produced and a registration fee is
paid.
File of a legal entity is stored 50
years after the removal of a legal
entity from the Register.
State Data Protection Inspectorate
Vinco Kudirkos str. 18-3
LT-03105 Vilnius, Lithuania
Phone: +370 5 271 2804
E-mail: [email protected]
https://www.ada.lt/go.php/eng/lietuviskai/3
https://www.ada.lt/go.php/lit/english
Under the Paragraph 1 of the Article 2.71 of the Civil Code of the
Republic of Lithuania data of the Register of Legal Entities,
documents stored in the Register as well as any information
supplied to the Register shall be made public.
Individuals' personal data are processed in accordance with the
Law on Personal Data Protection procedures.
Luxembourg The information filed by companies
is available in the business register as
long as the company remains filed at
the business register and 20 years
after its deletion from the business
register.
The national data controller is the
«Commission nationale pour la protection
des données » (CNPD).
The data collected by the business register are public. The
business register doesn’t apply a privacy statement.
The information which can be found on the business register’s
web site is:
The data filled on the business register provide from the
informations given by companies in application of the law of the
19th December 2002 on the Luxembourg Trade and Companies
Register as well as accountancy and annual company accounts
(“loi modifiée du 19 décembre 2002 concernant le registre de
commerce et des sociétés ainsi que la comptabilité et les comptes
annuels des entreprises”) and of the regulation of the 23rd January
2003 enforcing the above law (Règlement grand-ducal du 23
janvier 2003 portant exécution de la loi du 19 décembre 2002
concernant le «registre de commerce et des sociétés» ainsi que la
comptabilité et les comptes ).
With the exception of the data which can be found on the official
business register extract, a document publicly available, the
collected data are not transferred to any commercial companies or
organization except to the Luxembourgish government or
Luxembourgish judicial administration.
13
Country Question 1 Question 2 Question 3
Malta There is no time limit in terms of law
- Information and documents are kept
for indefinite period.
All data on companies in the register is
publicly available as required by company
law. The information is available company
by company. The Registrar of Companies is
responsible for the maintenance of the
company register.
In Malta data protection legislation is
administered by
The Information and Data Protection
Commissioner
Level 2, Airways House. High Street.
Sliema SLM 1549. Malta.
Telephone. (+356) 2328 7100.
Link to their portal:
http://idpc.gov.mt/en/Pages/Home.aspx
Link to disclaimer/privacy statement:
http://registry.mfsa.com.mt/disclaimer.jsp
Netherlands The data registered in the
Commercial Register are available
eternally (Commercial Register Act
and Archive Act).
The yearly accounts deposited at the
Chamber of Commerce are available
for a period of seven years, after
which they are deleted (Book 2
Dutch Civil Code).
The Chamber of Commerce administers the
Commercial Register in the Netherlands.
Datasubjects can contact the Chamber of
Commerce for the exercise of their rights and
obligations with regard to their data in the
register.
The applicable rules and regulations with regard to the (data in
the) Commercial Register are stipulated in the General
Administrative Act (Algemene Wet Bestuursrecht), the
Commercial Register Act (Handelsregisterwet), the Commercial
Register Decree (Handelsregisterbesluit) and the Personal Data
Protection Act (Wet Bescherming Persoonsgegevens). With
regard to the right of datasubjects in the Commercial Register to
information, to access, to rectify and to object the (procedures in
the) General Administrative Act and the Commercial Register Act
are denominated as 'lex speciales' of the Data Protection Act.
14
Country Question 1 Question 2 Question 3
Norway The information is publicly available
as long as the company is registered
(not struck off). Historical
information can be ordered.
Our General Director is the data controller
responsible for the information made
available in the business.
The daily responsibility for fulfilling our
duties has been delegated to the head of the
business register.
Contact information:
Name: Øyvind Vågan
Phonenumber: +47 90562763
e-mail: [email protected]
www.brreg.no
Our privacy statement:
Mye av registerdriften ved Brønnøysundregistrene handler om å
holde oversikt over hvem som har forpliktet seg til hva.
Løsøreregisteret gjør det mulig å pantsette gjenstander, fordi både
låner og utlåner stoler på at noen tar vare på hva som er avtalt
mellom partene. På samme måte sikrer Foretaksregisteret og
Enhetsregisteret at det ikke skal oppstå tvil om hvem som har
påtatt seg ulike typer ansvar.
Åpenhet og oversikt motvirker økonomisk kriminalitet. Pålitelig
og saklig informasjon gir økonomisk trygghet. I forbindelse med
forvaltningen av våre oppgaver registreres personopplysninger.
De aller fleste opplysninger registreres med direkte hjemmel i lov,
og da de ulike særlovene som regulerer hvert enkelt register.
Når det gjelder nettportalen Altinn har vi utformet en egen
personvernerklæring. Hvis du ønsker å vite mer om behandlingen
av personopplysninger i Altinn, se Altinns nettsider om
personvern.
Som registrert i våre registre, vil du ha rettigheter som følger av
lovgivningen for det aktuelle register eller fagområde. I tillegg vil
du ha rettigheter etter lovgivning som gjelder generelt. Særskilt
aktuelt i forbindelse med registreringen av personopplysninger, er
personopplysningsloven.
Poland Information not available Information not available Information not available
15
Country Question 1 Question 2 Question 3
Portugal The recorded information is
permanently retained.
The president of the Board of Directors of the
Institute of Registries anda Notary (article
78.º-C Commercial Register Code)
Name: José Ascenso Nunes da Maia
Address: Av. D. João II, nº 1.08.01D,
Edifício H, Parque das Nações, Apartado
8295
1803-001 Lisbon, Portugal
e-mail adrdress: [email protected]
Phone number: 0351 217985500
http://www.irn.mj.pt/IRN/sections/irn/contact
os
http://www.irn.mj.pt/IRN/sections/irn/legisla
cao/docs-legislacao/cod-reg-
comercial/downloadFile/file/Codigo_do_Reg
isto_Comercial.pdf?nocache=1339670405.5
Os dados pessoais recolhidos destinam-se à organização de
informação sobre a situação jurídica das entidades sujeitas a
registo comercial e são processados automaticamente nos termos
da legislação aplicável ao registo comercial e à proteção de dados
pessoais, não podendo ser utilizados para outra finalidade. O seu
tratamento é da responsabilidade do Presidente do Conselho
Diretivo do Instituto dos Registos e do Notariado, I.P.., que
assegura o acesso à informação pelo próprio, que tem direito à
correção dos dados indevidamente registados.
The personal data collected are used to organize information on
the legal status of entities subject to commercial register and are
processed automatically, in accordance with the legislation of the
commercial register and protection of personal data, and can not
be used for another purpose. The President of the Board of
Directors is the responsible for the processing of data, and
provides access to the information to the data subject, who can
request the rectification of the unduly registered data.
16
Country Question 1 Question 2 Question 3
Romania Prin registrul comerțului se
realizează evidența datelor din
documentele de înregistrare ale
persoanelor supuse înregistrării,
arhiva oficială a documentelor cu
caracter constitutiv sau modificator
ale acestora și a altor documente
prevăzute în mod expres de lege.
Prin urmare, informațiile referitoare
la profesioniștii înregistrați în
registrul comerțului sunt publice
până la radierea profesioniștilor din
registrul comerțului, intervenită ca
urmare a încetării exercitării
activității economice.
Ulterior radierii, datele sunt păstrate
într-un istoric al înregistrărilor
efectuate, accesul la aceste date fiind
permis numai în situațiile expres
prevăzute de lege.
Oficiul Național al Registrului Comerțului
este operatorul național de date responsabil,
cu sediul în
Bulevardul Unirii, nr. 74, bl. J3b, sector 3
București, România, Cod poștal 030837.
Tel: +40213160804
Fax:+40213160803
e-mail: [email protected]
Pagina de internet: https://www.onrc.ro
Portal: https://portal.onrc.ro
Adresa de e-mail pentru primire în format
electronic a copiei după cartea de identitate:
•Art. 511 din Legea nr. 26/1990 privind registrul comerțului,
republicată, cu modificările și completările ulterioare:
În exercitarea competenţelor sale prevăzute de lege, Oficiul
Naţional al Registrului Comerţului şi oficiile registrului
comerţului de pe lângă tribunale colectează, procesează şi
prelucrează date şi informaţii, inclusiv de natura datelor cu
caracter personal, cărora le sunt aplicabile prevederile Legii nr.
677/2001 pentru protecţia persoanelor cu privire la prelucrarea
datelor cu caracter personal şi libera circulaţie a acestor date, cu
modificările şi completările ulterioare.
•Art. 203 alin.(2) din Normele metodologice privind modul de
ținere a registrelor comerțului, de efectuare a înregistrărilor și de
eliberare a informațiilor, aprobate prin Ordinul nr. 2594/C/2008:
În vederea respectării dispoziţiilor legale referitoare la protecţia
persoanelor cu privire la prelucrarea datelor cu caracter personal şi
libera circulaţie a acestor date, în ceea ce priveşte informaţiile
despre asociaţii/acţionarii, administratorii, directorii, membrii
consiliului de supraveghere, membrii directoratului,
cenzorii/auditorii, reprezentanţii persoane fizice ai persoanelor
juridice, având calităţile anterior menţionate, înscrisurile eliberate
solicitanţilor, inclusiv copiile certificate, vor conţine numai
numele, data şi locul naşterii, cetăţenia şi statul de domiciliu ale
acestor persoane.
•Nota de informare afișată pe pagina de internet și pe portalul
ONRC.
Slovakia Information not available Information not available Information not available
Slovenia Data on companies entered to the
Court register as part of Slovenian
Business register (PRS) is public
according to Article 2 and 3 of the
Slovenian Business Register Act
(Official Gazette of the Republic of
The company data is entered to the register
(the Court register/PRS) by the Registry
Court (a registrar for companies). For any
kind of correction or change of data, data
subject has to turn to the Registry court, in
Privacy statement is contained in General terms and conditions for
the use of the AJPES Web Portal.
Please follow the link: https://www.ajpes.si/Terms_of_use
17
Country Question 1 Question 2 Question 3
Slovenia no. 49/2006 as amended)
and Article 7 (1) of The Court
Register Act (Official Gazette of the
Republic of Slovenia no. 54/07 as
amended), except data that is
protected as personal data by the law.
The Court Register Act prescribes
different ways the data is available to
the public (search, view, extracts,
access to documents) in Articles 7
and 48., and 48.a to 48. C.
In addition to the latest status
information on all business units,
there is also all previous entries,
changes and deletions of business
units kept in PRS. There is no time
limitation prescribed by the law in
Slovenia on availability of data
entered to the Court register and
PRS.
Also all documents of companies
based on which the data was entered
to the register is public (except for
personal data), with most recent
documents available on internet sites
of The Agency of the Republic of
Slovenia for Public Legal Records
and Related Services (AJPES) and all
other on demand at the registry
courts for unlimited time.
due process.
Link: http://www.sodisce.si/
Access to information of public character is
regulated in Republic of Slovenia by Act on
the Access to Information of Public
Character (Official Gazette of the Republic
of Slovenia no. 51/06 as amended).
If information made available in the business
register include information, which is also
subject to protected personal data in
accordance with the Personal data protection
Act (Official Gazette of the Republic of
Slovenia no. 94/2007), data subjects should
contact Information Commissioner, which is
an autonomous and independent body,
established with the Information
Commissioner Act, which supervises the
protection of personal data and the access to
public information - the right to access to
public information and the right to personal
data protection, are being enforced.
Information Commissioner
Republika Slovenija
Informacijski pooblaščenec
Zaloška 59
1000 Ljubljana
T: 01 230 97 30
F: 01 230 97 78
@: gp.ip(at)ip-rs.si
https://www.ip-rs.si/en/
18
Country Question 1 Question 2 Question 3
Spain In accordance with the current
Personal Data Protection regulation
in Spain and regarding to data
retention periods applied in the
Business Registers, we must take into
account what Article 2 of Royal
Decree 1720/2007, of 21 December,
approving the Regulation
implementing Organic Law 15/1999,
dated 13 December, on Personal Data
Protection (RLOPD), which states
that “2. The present regulations shall
not be applicable to data on
corporations or to files including the
data on the natural persons engaged
thereby that consist in no more than
first and last names, duties or
positions, postal or electronic
address, and professional telephone
and fax numbers. 3. Data on
individual business people that refer
to their engagement in trade, industry
or shipping shall likewise be
understood to be excluded from the
protection afforded personal data”
(…)”.
With the exception of Article 2
RLOPD, and, as a general rule, the
personal data information shall be
erased when it is no longer necessary
or relevant for the purpose for which
it was obtained or recorded. The
specific retention periods are
stablished by specific laws depending
on the subject. The main national
rules are the Constitutional Act
Spanish Business Registers depend on the
Ministry of Justice. All matters relating to
them are entrusted to the General Directorate
of Registers and Notaries (DGRN). Each
Business Register is in charge of one or more
Registrars. Registrars are public officials for
all legal purposes.
The Business Register is composed of the
Territorial Business Registers (established in
all Spain´s provincial capitals, extending
their jurisdiction to the territory of the
province, and, in addition, to some other
cities) and the Central Business Register
(based in Madrid).
Data Controller: Ministry of Justice (public
files) / Territorial Business Registers (private
files). Example: Madrid Business Register,
Barcelona Business Register, etc.
Location: Calle de San Bernardo, 45, 28071
(zip code), Madrid (Ministry of Justice) /
Paseo de la Castellana, 44, 28046 (zip code),
Madrid (Madrid Business Register) / Gran
Via de les Corts Catalanes, 184, 08038 (zip
code), Barcelona (Barcelona Business
Register).
Links:
http://www.mjusticia.gob.es/cs/Satellite/Port
al/en/inicio (Ministry of Justice);
http://www.mjusticia.gob.es/cs/Satellite/Port
al/es/ministerio/organigrama/subsecretaria/di
reccion-general-registros (General
Directorate of Registers and Notaries);
https://www.rmercantilmadrid.com/RMM/Ho
me/Index.aspx (Madrid Business Register);
• Every Territorial Business Register has developed its own
Privacy Policy, and the Association of Land and Business
Registrars of Spain (“Colegio de Registradores de la Propiedad,
Mercantil y Bienes Muebles de España – CORPME”) is not
responsible for the elaboration or content thereof. However,
telematic users (in order to inscribe their business information in
the Business Register) enter via CORPME website and, therefore,
our Privacy Policy must be applied and accepted.
http://www.registradores.org/politica-de-privacidad/
“De acuerdo con la Ley Orgánica de Protección de Datos de
Carácter Personal 15/1999, de 13 de diciembre, el usuario y titular
de los datos queda informado y presta su consentimiento
inequívoco a la incorporación de sus datos al fichero de
Consumidores y al tratamiento automatizado del mismo, siendo
responsable del fichero y del tratamiento el Colegio de
Registradores. El uso y fin del tratamiento es la atención a
ciudadanos usuarios de los servicios registrales.
La política de privacidad del Colegio de Registradores asegura el
ejercicio de los derechos de acceso, rectificación, cancelación, y
oposición en los términos establecidos en la legislación vigente,
pudiendo utilizar para ello cualquiera de los canales de
comunicación del Colegio de Registradores, con domicilio en la
Calle Diego de León nº 21, 28006 Madrid, utilizando el servicio
de Soporte LOPD (902 181 442 / 91 270 16 99 y 902 73 43 75), a
través de la dirección de correo electrónico
[email protected] o, en general, por el medio de
comunicación que habitualmente utilice.
El usuario también podrá dirigirse por escrito, en caso de que lo
encontrara necesario, al Colegio de Registradores, Servicio de
Sistemas de Información, Oficina de Seguridad, Calle Diego de
León nº 21, 28006 Madrid.
El Colegio de Registradores ha adoptado los niveles de seguridad
de protección de los Datos Personales legalmente requeridos, y ha
instalado todas las medidas técnicas y organizativas a su alcance
para evitar la pérdida, mal uso, alteración, acceso no autorizado y
19
Country Question 1 Question 2 Question 3
15/1999 on Personal Data Protection
(Spanish Data Protection Act –
SPDA) and the mentioned Royal
Decree 1720/2007, of 21 December,
approving the Regulation
implementing Organic Law 15/1999,
dated 13 December, on Personal Data
Protection (in accordance with the
common European rules).
http://w3.registromercantilbcn.es/?page_id=4
0705&lang=es (Barcelona Business Register)
Regarding the effective exercise of their
rights to information, to access, to rectify and
to object according to the applicable data
protection legislation data subjects should
contact, on a first instance, the Business
Register on which they have presented their
business information due to inscriptions must
be made in the Business Register
corresponding to the address of the
entrepreneur (individual) or corporations that
registers. Furthermore, due to the Association
of Land and Business Registrars of Spain
(“Colegio de Registradores de la Propiedad,
Mercantil y Bienes Muebles de España –
CORPME”) act as a data processor of the
Business Registers, data subjects could
contact the Association of Land and Business
Registrars of Spain (CORPME), once the
Business Registers have authorized to do it.
robo de los Datos, cuyo secreto y confidencialidad garantiza.
La aceptación del usuario para que puedan ser tratados sus Datos
en la forma indicada es condición necesaria para la prestación de
los servicios, de forma que el uso del mismo implica tal
aceptación, que tiene siempre carácter revocable, sin efectos
retroactivos, conforme a lo que disponen los artículos 6 y 11 de la
Ley Orgánica de Protección de Datos de Carácter Personal
15/1999, de 13 de diciembre. El usuario responderá, en cualquier
caso, de la veracidad de los Datos facilitados. El Colegio de
Registradores podrá excluir de los servicios prestados al usuario
que haya facilitado datos falsos, sin perjuicio de las demás
acciones que procedan en Derecho.
El Colegio de Registradores informa que por motivos de calidad
del servicio las llamadas realizadas al servicio de Atención al
Cliente del CORPME pueden ser grabadas, en cuyo caso pasarán
a formar parte de nuestros ficheros automatizados durante el plazo
de seis meses. Al hacer uso de nuestro servicio de Atención al
Cliente usted consiente tal circunstancia.
El Colegio de Registradores se reserva el derecho a modificar la
presente Política para adaptarla a novedades legislativas o
jurisprudenciales. En dichos supuestos el Colegio de
Registradores incluirá en el presente documento los cambios
introducidos con razonable antelación a su puesta en práctica”.
Sweden The information in the registry is
never deleted and it is always
available. On the other hand, there
are certain search restrictions for
dissolved companies - when it has
elapsed/passed five years since the
company was dissolved, it is only
possible to search on Registration
number and Company names.
Bolagsverket (Swedish Companies
Registration Office)
851 81 Sundsvall
Sverige
There is no specific privacy policy for our business. We apply the
rules and regulations valid for the processing of data in the
registry (as stated in the Companies Act (2005: 551) and the
Companies Act/ordinance (2005: 559)).
Read more here:
http://bolagsverket.se/om/oss/verksamhet/offentliga/personuppgift
er-1.2266