We use cookies to customise content for your subscription and for analytics.
If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

Search results

Order by: most recent most popular relevance



Results: 1-10 of 41

Spain - take "etc" out of your direct marketing consent noticesbefore you get fined
  • Baker & McKenzie
  • Spain
  • April 23 2015

The Spanish Data Protection Authority (Resolution No. 3042015, dated 12 March 2015) imposed a 10,000 fine on a telecoms company for breach of the


Privacy Impact Assessments the sooner, the better!
  • Baker & McKenzie
  • European Union, Spain
  • February 9 2015

The European Commission is currently revisiting the EU Data Protection Framework in order to provide more safeguards for online privacy rights. One


Spanish DPA imposes fines for data breach involving gym members
  • Baker & McKenzie
  • Spain
  • December 5 2012

The Spanish Data Protection Authority (DPA) in Resolution No 008062012 has fined a gym for a data breach violation involving personal data of its members


Security breach notification rules implemented in Spain
  • Baker & McKenzie
  • European Union, Spain
  • December 6 2012

Royal Decree-Law 132012, which incorporates the new European regulatory framework on electronic communications contained in Directive 2009136EC (Citizens' Rights) and Directive 2009140EC (Better Regulation), came into effect on 1 April 2012


Spain - prison sentence for hacking social networking accounts
  • Baker & McKenzie
  • Spain
  • July 15 2013

The Criminal Court No. 1 of Pamplona has sentenced an individual to one year imprisonment and a twelve-month fine at 6 Euros per day for an offence


Spain- a 2-cm size photo does not qualify as PII
  • Baker & McKenzie
  • Spain
  • July 15 2013

In a case where an individual filed a complaint against an entity for an allegedly data protection infringement, i.e. publishing a photo on the


Spain - former HR manager discloses employee health data breach
  • Baker & McKenzie
  • Spain
  • March 18 2014

The Spanish DPA (Resolution No. R30142013 dated 14 February 2014) initiated a sanctioning procedure against a company after having received a


Spain - hypermarket fined 20,000 for data security infringement
  • Baker & McKenzie
  • Spain
  • March 18 2014

The Spanish National Court (ruling dated 2 July 2013) has upheld a 20,000 sanction imposed by the Spanish DPA on a hypermarket for lack of


Spain - first cookies enforcement
  • Baker & McKenzie
  • Spain
  • March 18 2014

The Spanish Data Protection Authority "DPA" (Procedure No. 003212013) has recently imposed fines on two companies for using cookies on their


Deposit of sub-processing agreements to data protection authorities not required
  • Baker & McKenzie
  • European Union
  • October 19 2010

The Article 29 Working Party adopted FAQs intended to address a number of issues raised by the application of the standard contractual clauses for the transfer of personal data to non-EEA-based processors (contractual clauses "controller to processor") and the conditions for sub-processing of personal data between a non-EEA-based processor and non-EEA-based sub-processor