The Spanish Data Protection Authority did recently hold its 9th Annual Meeting, an event where its yearly first concerns are presented. The obvious priority in this respect consists of the implementation of the European General Data Protection Regulation, which is scheduled to fully enter into force on May 25, 2018. And online gambling is in the radar of the Spanish regulator.

Indeed, during the conference express reference to this sector was made by the Spanish Data Protection Agency. Particularly, when describing the role and functions of data protection officers, the spokesman of the authority mentioned online gambling as one of the several types of companies that, taking into account their kind of activity and the nature of their data processing, will have to appoint a data protection officer when the General Data Protection Regulation fully comes into force on May 25, 2018.

This announcement from the Spanish Data Protection Authority confirms that the use of proper procedures and clauses for the collection and processing of personal data from players should become one of the key regulatory concerns that licensed operators shoul bear in mind in connection with their Spanish operations.

Apart from gambling, the Spanish Data Protection Agency listed other sectors where -pursuant to its understanding of the GDPR- the appointment of a data protection officer will be mandatory. Those sectors are: insurance companies; electric energy distributors; credit intermediation system-operators; companies operating healthcare premises; education centers; and professional bar associations.

We should be expecting the Spanish Data Protection Authority issuing guidelines on this important matter in the next months. As soon as this happens, we will be informing you through this blog.