Face recognition in exams: Is it proportionate?

The Catalan Data Protection Authority (Autoritat Catalana de Protecció de Dades) has sanctioned the Universitat Oberta de Catalunya for collecting biometric data from its students through face recognition, in order to verify that they were…
multa a orange por fotografiar DNI de sus clientes

Orange fined for photographing customers’ ID cards

The Spanish Data Protection Agency has fined Orange for photographing the ID cards of its clients at the time of delivering packages to their homes. Specifically, it photographed the front and back of the ID card. What was the procedure? The…

ChatGPT, threat or partner?

What is ChatGPT? ChatGPT is a natural language processing tool powered by Artificial Intelligence, which allows fluent conversations similar to human ones. It also facilitates the user to perform tasks such as essays, writing emails, composing…

The advent of Data Clean Room

The purpose of finding a balance between Data Protection and the need to share it is an issue that is constantly in the spotlight. Digital platforms, brands... must have access to user data in order to achieve better performance as closely…

Two Valencian companies fined almost half a million euros for using pirated software

The use of unlicensed software is one of the main threats to digital security in companies. It involves security vulnerabilities for users and companies, giving rise to attempts to invade devices or networks. The Commercial Court number 2 of…

Transborder data transfers: PIPL, CCPA, VCDPA

The scope of cross-border data transfers The publication of the General Data Protection Regulation (GDPR) on May 25, 2016 in the European Union, served as inspiration worldwide for the implementation of data privacy laws. Many countries,…

The risks of using free VPNs

Virtual Private Networks are services that guarantee users' privacy on the Internet. In this way, users can encrypt their connection and anonymize their browsing by allowing them to connect to servers in other countries.  Coinciding with…
Situación de acoso laboral

Sexual harassment, a criminal responsibility for the company

Last October 7, Organic Law 10/2022, of September 6, on the integral guarantee of sexual freedom, came into force.  In its article 12, it contemplates the commission of crimes and other conducts against sexual freedom and moral integrity…
FUTBOL

Sanction for recording underage soccer match

In procedure PS/00313/2021, the Spanish Data Protection Agency (AEPD) has imposed a fine of €3,000 on a company specialized in recording soccer matches for capturing images of minors without prior consent from their parents. On April 9, 2021,…
correo electrónico

Penalty for sending an email without blind copy

Is it possible to send emails with addresses without blind copy? The AEPD states that email addresses are considered personal data. Therefore, their processing must comply with data protection regulations. Consequently, this data may not be…

Sanctions of up to 5,000€ to real estate companies for not informing the interested party of the processing of their personal data

The AEPD imposes penalties to real estate companies of up to 5,000 € for not informing the interested party of the processing of their personal data. Several affected parties have filed complaints to the AEPD, in relation to the use of their…

Installation of video surveillance cameras on public streets

Video surveillance cameras that focus on the public highway On January 27, 2022 an individual filed a complaint to the AEPD, due to the installation of video surveillance cameras by another individual, which focused on the surrounding public…
dominios web robados

How to recover a domain

In this post we will show the different ways to follow, with the aim to know how to recover a domain name   What is a web domain How to recover a domain name is the question we should ask ourselves when faced with any problem that may…

Giving bad references of a former employee can cost you €6,000

Consequences of giving bad references about a former employee The Social Court of the TSJ of Madrid has sentenced a company to immediately cease giving bad references about a former employee to third companies interested in hiring her, as well…

Black Friday and website Privacy Policy

Does your website comply with the Data Protection Law for Black Friday?   The importance of the Privacy Policy of websites On August 26, 2022, an individual filed a complaint to the AEPD against a company for not providing sufficient…
anteproyecto de ley

Approval of the preliminary draft law protecting whistleblowers from infractions through whistleblower reporting channels

The draft law protecting whistleblowers regulates a confidential whistleblowing channel and creates and defines the functions of a new competent authority On March 4, 2022, the preliminary draft law was approved, which purpose is to protect…
instagram influencers

Advertising through influencers

Influencers, the best tool to reach your target audience. The widespread use of the communication strategy in social networks has allowed brands to reach the public in a very simple way through the so-called "Influencers". Consequently, we…

Cyclist fined for taking pictures of car number

A cyclist was fined for taking pictures of car number The Bavarian Data Protection Authority (DPA) fined a cyclist for taking pictures of car numbers of wrongly parked cars. The cyclist's aim was to send the pictures to the police in order…

The use of Microsoft 365 in German schools is now prohibited.

The German Federal and State Data Protection Authorities (hereinafter DSK) have prohibited the use of the Microsoft 365 pack in German schools, due to an incompatibility between the Microsoft 365 pack and the Data Protection laws of Germany…
delegado de protección de datos

The DPO in the European Union

Javier Sempere Samaniego, Data Protection Officer of the Spanish General Council of the Judicial Power, has prepared for the Spanish Professional Privacy Association (APEP) an informative note about the sanctioning resolutions adopted by the…

The impact of the new Digital Markets Act (DMA)

The need to update Directive 2000/31/EC: With the advent of the Internet at the end of the 20th century, the increase in digital services, businesses and platforms has had a significant impact on the European economy, generating a need to regulate…
Grupos whatsapp empresa

Whatsapp groups in the company

The Spanish Data Protection Agency has recently published different resolutions on the prohibition or not of using workers' phone numbers to add them in Whatsapp groups of the company. These resolutions may seem contradictory to each other,…

Obligatory whistleblower channel for companies

Following the entry into force in 2019 of EU Directive 2019/1937 on the Protection of Whistleblowers, also known as the "Whistleblowing Directive", companies are required to set up an internal whistleblower channel. In this way, employees…
ley de servicios digitales

Digital Services Act (DSA)

On July 5, 2022, the EU Regulation on the Digital Services Act (DSA) was approved. The aim of this Act, like the Digital Markets Act (DMA), is to implement the rules that will govern a future European digital single market. In this way,…
Concienciación del empleado

Employee training awareness

,
We have heard that the weakest link in a security chain is the processing of information by employees. Some of the most common risks of not implementing employee training include changing passwords on computers and their lack of security, documents…
Consejos para tener un servicio correcto Protección de Datos

Data Protection Officer Service

,
The Data Protection Officer Service can be provided internally by means of an employment contract or externally in the framework of a contract of services provided. The General Data Protection Regulation (GDPR) establishes a series of "proactive…
Auratech Legal Solutions - RGPD

New Technology and Advertising Law

,
The different disciplines covered by this section of New Technologies and Advertising Law are as follows These are some of the services we provide: We advise on regulatory compliance of promotional actions prior to their launch to avoid…
Adaptación E-Comerce

Adaptation of web and App to legislation

,
It is important to increase legal security in a changing medium such as the digital environment. Therefore, we must ensure that the web and App are correctly adapted to the legislation. In Auratech we offer the service of adaptation and implementation…
Certificaciones ISO

Data Protection Audit and ISO ISMS Certifications

,
Data Protection Audit In the regulation of development of the old LOPD it was clearly stated that a Data Protection Audit should be carried out every two years, in all organizations that had some level of security measures. Article 96 Audit.…
Auratech Legal Solutions - Blanqueo de Capitales

Prevention of Money Laundering and Financing of Terrorism

,
Auratech's team of lawyers will make your company comply with the Law 10/2010 on Prevention of Money Laundering. The legal advice service that we offer to adapt to the Prevention of Money Laundering Legislation allows you to contact us…
Auratech Legal Solutions - Asesoría RGPD

Data Protection advice

,
To comply with the GDPR legislation with an efficient advice in Data Protection means to give confidence to the clients. We focus on what really matters to you. We are not going to say how many years we have been in the sector, neither the…
Adaptación RGPD

Data Protection Services. Consulting and advice

,
By hiring our data protection services, you will be able to come into effect with national, European and International privacy regulations in a short period. The main reason for the Data Protection regulations is, year by year, to implement…

The ICO condened four companies for making abusive commercial calls.

The ICO condened four companies for making abusive commercial calls. These companies have paid a £370,000 fine, for making more than 800,000 abusive commercial calls to individuals.  These phone calls consisted in offering home repairs. They…