News and articles about data protection in Spain

The Court of justice of the European Union (CJEU) issued on July 16, 2020 an important ruling with regard to the data transfer regime between the European Union (EU) and the United States of America (USA) in so-called case ‘’Facebook Ireland v Schrems’’, whereby the personal data stored and processed by the United States does not meet the level of security required by the GDPR.

By this ruling, the CJEU invalidates Decision 2016/1250 on the adequacy of the protection provided by so-called ‘’ Privacy Shield’’, which allowed the transference of data between the operators from the EU and the US abide by their data protection principles without further formalities.

In July 2020, the Spanish Data Protection Agency (AEPD) published an updated Guide on the use of cookies, in accordance with new criteria on consent by the European Data Protection Committee.

The AEPD imposed an obligation on each website owner to adopt their cookie policies in accordance with new criteria before October 31, 2020.

Have you already made all the necessary changes?

Here is a brief summary of the modification we consider the most important.

Perhaps the most relevant novelty in the new Guide is that the ‘’continue browsing’’ mode is not a valid way to consent to downland the cookies.

Banksy is the pseudonym behind which an anonymous British artist hides. He is one of the most famous and unknown artists while at the same time he is dedicated to street art with a vindictive background.

There are many theories that try to deduce who this artist is, but none comes close to reality. Until now everyone knows that the anonymous author who appears from time to time creating street art is Banksy, but at present his anonymity is harming him and causing a very complex situation.

Some time ago, the artist claimed his work “Flower Thrower”

The Brexit deadline is planned to be the 31st January 2020 and the withdraw dial will bring a lot of changes that will affected also in the field of intellectual property, specifically on trademarks, its validity and its regulation after the UK exit from the EU.

Are Trademarks affected by Brexit?

Trademarks will effectively be affected after the Brexit, as well as the unitary effect that will cause in all EU Member States, as the EUTMs will no longer protect trademarks registered in the UK as it is exclusively a matter of the EU law,

The General Data Protection Regulation (GDPR), which is applicable from 25 May 2018 for all European Union companies that process data of European citizens, as well as for those companies established outside the European Union that process data of European citizens, in relation to an offer of products or services offered to them, or with the analysis of their behavior within the EU; and the Spanish “Ley Orgánica de Protección de Datos y garantía de los derechos digital” (LOPDGDD), which has been fully applicable since 5 December 2018 and is binding within Spanish territory.

Nowadays, there will still be companies which are not adapted to the new legislation. If you are not up-to-date with the General Data Protection Regulation (GDPR), you can risk fines of up to Euros 20,000,000 or 4% of the total annual income, and the competent Control Authority in Spain, the Spanish Data Protection Agency (AEPD) will opt for the highest amount. In Letslaw we can help you to be adapted to both the GDPR and the new Local Law in this respect.

How do I know if I do any data processing in my restaurant?

Do you need the redrafting of contracts under the new GDPR? We, at Letslaw, keep our commitment to inform of how the entry into force of the new General Data Protection Regulation is affecting the drafting of new contracts.

This regulation entails many novelties and we have already talked about how to implement it and of the differences with the LOPD. Lets have a look at the new contractual developments that must take into account in the redrafting of contracts under the new GDPR.

Agreement between Controller and Processor

The new General Data Protection Regulation (hereafter,

It is so important for your business to learn about the main differences between LOPD and GDPR as well as the latest news about the regulatory framework in data protection.

Almost everything we do in our day to day life has some effect on our privacy, even if many times we are not aware of these details. This is the main reason for the existence of a normative that regulates everything that happens with our data.

Due to the cross-border nature of the Internet a primary purpose of the GDPR is to harmonize data privacy protection regulations across the EU member nations,

In order to provide their services, hotels need to collect different types of personal data from their customers. They must, therefore, take into account specific data protection regulations.

Under the new General Data Protection Regulation (GDPR), effective as of 25 May 2018, hotels may foresee and apply all measures and policies necessary to prevent any inappropriate processing of personal data of their guests, workers, etc. It is therefore of utmost importance that hotels apply correctly the GDPR before said date.

What does a Hotel need to do to comply with the Law?