We use cookies to customise content for your subscription and for analytics.
If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

Search results

Order by: most recent most popular relevance



Results: 1-10 of 41

First P2P data transfer agreement model for processors located in Spain
  • Baker McKenzie
  • Spain
  • February 15 2013

The Spanish Data Protection Authority (DPA) has authorized a first processor-to-processor model clause (P2P Model) for international data transfers


Spain- data processor fined for breaching consent rule
  • Baker McKenzie
  • Spain
  • December 1 2014

The Spanish National Court (ruling dated 28 February 2014) upheld a 6,000 sanction imposed on a data processor due to infringement of the consent


Spain - take "etc" out of your direct marketing consent noticesbefore you get fined
  • Baker McKenzie
  • Spain
  • April 23 2015

The Spanish Data Protection Authority (Resolution No. 3042015, dated 12 March 2015) imposed a 10,000 fine on a telecoms company for breach of the


Spain - 20,000 euros fine for breaching a statutory health data retention period
  • Baker McKenzie
  • Spain
  • October 21 2013

The Spanish DPA (Resolution R032122012 dated March 1, 2013) imposed a 20,000 fine on a company for breaching a health data retention period


Privacy Impact Assessments the sooner, the better!
  • Baker McKenzie
  • European Union, Spain
  • February 9 2015

The European Commission is currently revisiting the EU Data Protection Framework in order to provide more safeguards for online privacy rights. One


Spanish DPA imposes fines for data breach involving gym members
  • Baker McKenzie
  • Spain
  • December 5 2012

The Spanish Data Protection Authority (DPA) in Resolution No 008062012 has fined a gym for a data breach violation involving personal data of its members


Security breach notification rules implemented in Spain
  • Baker McKenzie
  • European Union, Spain
  • December 6 2012

Royal Decree-Law 132012, which incorporates the new European regulatory framework on electronic communications contained in Directive 2009136EC (Citizens' Rights) and Directive 2009140EC (Better Regulation), came into effect on 1 April 2012


Spain - former HR manager discloses employee health data breach
  • Baker McKenzie
  • Spain
  • March 18 2014

The Spanish DPA (Resolution No. R30142013 dated 14 February 2014) initiated a sanctioning procedure against a company after having received a


Sanction for obstructing the inspection function of the Spanish DPA
  • Baker McKenzie
  • Spain
  • February 15 2013

The Spanish National Tribunal (judgment 2 November 2012) upheld a fine of 200,000 Euros imposed on a company by the Spanish DPA (resolution


Spain - prison sentence for hacking social networking accounts
  • Baker McKenzie
  • Spain
  • July 15 2013

The Criminal Court No. 1 of Pamplona has sentenced an individual to one year imprisonment and a twelve-month fine at 6 Euros per day for an offence