Neither would be authorized the disclosure of relevant information by the bodies of the representatives of the workers by any means since publication of the information could involve the transfer of data covered by the provisions of article 11 of the above-mentioned Act. In addition, should take responsibility in adopting the technical and organizational measures necessary to guarantee the security of the personal data and avoid their alteration, loss, treatment or unauthorized access, taking into account the State of technology, nature of the data stored and the risks to which they are exposed, whether they are from human action or the physical or natural environment as established it in article 9 of the data protection act and its implementing regulations. In turn, article 10 of the data protection Act imposes a duty of confidentiality to anyone involved in the processing of personal data, so members of the Works Council or staff delegates would also be bound to a duty of secrecy and confidentiality of the information which had access in the course of the development of its activity, adding even that these obligations subsist even after completing their relations with the owner of the file or, where applicable, with the head of the same. Similarly, paragraph 2 of the aforementioned article 65 et establishes that the members of the company, and this Committee as a whole, shall observe professional secrecy as regards paragraphs 1, 2nd, 3rd, 4th and 5 of paragraph 1 of the preceding article, even after leaving belong to the Works Council and especially in all matters about which address expressly point to the reserved character. In any case, any kind of document supplied by the company to the Committee may be used beyond the strict scope of that and for different purposes that motivated his delivery. In last place, to strengthen these legal provisions the employer could do to all the members of the Works Council or staff delegates sign a confidentiality document which would commit themselves explicitly and in writing to comply with all legal provisions. For all the foregoing reasons, the company could be repeated against those, any penalties or administrative fines that were imposed by the AEPD: Audea, safety of information Karol Sedkowski consultant Legal, audea.