Entries by Mario De la Peña

Two Valencian companies fined almost half a million euros for using pirated software

The use of unlicensed software is one of the main threats to digital security in companies. It involves security vulnerabilities for users and companies, giving rise to attempts to invade devices or networks. The Commercial Court number 2 of Alicante imposed a fine of €453,000 for damages against two companies in Valencia for the reproduction […]

Transborder data transfers: PIPL, CCPA, VCDPA

The scope of cross-border data transfers The publication of the General Data Protection Regulation (GDPR) on May 25, 2016 in the European Union, served as inspiration worldwide for the implementation of data privacy laws. Many countries, following this, began to develop a very similar law to protect the rights and freedoms of individuals within their […]

The risks of using free VPNs

Virtual Private Networks are services that guarantee users’ privacy on the Internet. In this way, users can encrypt their connection and anonymize their browsing by allowing them to connect to servers in other countries.  Coinciding with the summer holidays, due to the fact that booking prices vary from one country to another, VPNs are a […]

Sanction for recording underage soccer match

In procedure PS/00313/2021, the Spanish Data Protection Agency (AEPD) has imposed a fine of €3,000 on a company specialized in recording soccer matches for capturing images of minors without prior consent from their parents. On April 9, 2021, the claimant filed a complaint to the Spanish Data Protection Agency against a company that records soccer […]

Penalty for sending an email without blind copy

Is it possible to send emails with addresses without blind copy? The AEPD states that email addresses are considered personal data. Therefore, their processing must comply with data protection regulations. Consequently, this data may not be used or disclosed without the consent of the person concerned. In order to be able to send or receive […]

Sanctions of up to 5,000€ to real estate companies for not informing the interested party of the processing of their personal data

The AEPD imposes penalties to real estate companies of up to 5,000 € for not informing the interested party of the processing of their personal data. Several affected parties have filed complaints to the AEPD, in relation to the use of their personal data by real estate companies. They stated that neither in the leasing […]

How to recover a domain

In this post we will show the different ways to follow, with the aim to know how to recover a domain name   What is a web domain How to recover a domain name is the question we should ask ourselves when faced with any problem that may arise in situations in which a third […]

Black Friday and website Privacy Policy

Does your website comply with the Data Protection Law for Black Friday?   The importance of the Privacy Policy of websites On August 26, 2022, an individual filed a complaint to the AEPD against a company for not providing sufficient information on its website to the user about the processing of his personal data. According […]

Approval of the preliminary draft law protecting whistleblowers from infractions through whistleblower reporting channels

The draft law protecting whistleblowers regulates a confidential whistleblowing channel and creates and defines the functions of a new competent authority On March 4, 2022, the preliminary draft law was approved, which purpose is to protect people who report criminal, unethical or irregular behavior. This bill is aimed at the public sector and all companies […]

Advertising through influencers

Influencers, the best tool to reach your target audience. The widespread use of the communication strategy in social networks has allowed brands to reach the public in a very simple way through the so-called “Influencers”. Consequently, we can observe more and more collaborative publications in different media where content creators and brands come together in […]

The impact of the new Digital Markets Act (DMA)

The need to update Directive 2000/31/EC: With the advent of the Internet at the end of the 20th century, the increase in digital services, businesses and platforms has had a significant impact on the European economy, generating a need to regulate all these activities. In 2000, Directive 2000/31/EC was approved, which regulated information society services […]

Whatsapp groups in the company

The Spanish Data Protection Agency has recently published different resolutions on the prohibition or not of using workers’ phone numbers to add them in Whatsapp groups of the company. These resolutions may seem contradictory to each other, which has caused confusion for the public, as they have been published with only days of difference between […]

Obligatory whistleblower channel for companies

Following the entry into force in 2019 of EU Directive 2019/1937 on the Protection of Whistleblowers, also known as the “Whistleblowing Directive”, companies are required to set up an internal whistleblower channel. In this way, employees or any third party, whether or not related to the company, can make complaints anonymously. Through such complaints, they […]

Digital Services Act (DSA)

On July 5, 2022, the EU Regulation on the Digital Services Act (DSA) was approved. The aim of this Act, like the Digital Markets Act (DMA), is to implement the rules that will govern a future European digital single market. In this way, the fundamental rights of Internet users will be protected, as well as […]