LOCAL PUBLIC COMPANY (SPL) and the GDPR

A Local public company (SPL) is a company whose majority of capital is held by local authorities (municipalities, departments, regions) or their groups.

Its purpose is to carry out activities of public interest, such as the construction of infrastructure, the management of public services or local economic development. The SPL can be created in different fields, such as transport, energy, regional planning, tourism, etc. It can be in the form of a public limited company (SA) or a limited liability company (SARL).

Some examples of personal data that the SPL can treat:

• Personally identifiable information: This may include data such as name, address, email address, telephone number, date of birth and social security number.
• Financial information: This may include information such as credit card numbers, banking information, payment information, debts and financial assets.
• Job Information: This may include information such as employee name, employee address, salary, leave details and benefits.
• Information about partners and suppliers: This may include information such as name, address, telephone number and contract terms.
• Customer Information: This may include information such as the customer's name, address, telephone number and purchase history.

It is important to note that SPLs are subject to regulations regarding the protection of personal data and must comply with applicable data protection laws, such as the General Data Protection Regulation (GDPR) in Europe and the Consumer Online Privacy Protection Act (CCPA) in California. SPLs must ensure that all personal data they collect is treated securely and in accordance with applicable laws.