Supervisory Authorities in the European Union and Other Countries for Personal Data Protection
Of interest to you
In accordance with Article 51 of the General Data Protection Regulation (GDPR), each Member State of the European Union is required to establish an independent Supervisory Authority. These entities play a crucial role in ensuring GDPR compliance…
Real cases of fines for cookies
Of interest to youReal Cases of Fines for Cookies
In today’s digital environment, compliance with cookie regulations is essential to avoid significant penalties. Below is a summary of recent GDPR fines related to cookies and how to ensure your website complies…
The Equality Officer: Roles, Training and Requirements
Of interest to youIn a context where gender equity emerges as a fundamental pillar, the figure of the equality officer positions itself as an indispensable piece within the business ecosystem. Their role extends beyond public bodies or specific projects, integrating…
Biometric Data Processing in the Workplace: the AEPD Guide
Of interest to youDo you know how the new AEPD guide on biometric processing in the workplace affects your company?
In this article, we explain the main changes introduced by this guide. These modifications represent a radical shift in the AEPD's interpretation…
Special categories of data under the GDPR
Of interest to youIntroduction
In the digital age, the collection and processing of personal data are ubiquitous. However, some types of data, known as special categories of data or sensitive data, are particularly sensitive and require special treatment.
The…
Company sanctioned for non-compliance with the Cookie Guide
Of interest to youIn this post we will analyze a recent resolution of the Spanish Data Protection Agency (AEPD) about a company sanctioned for non-compliance with the Cookie Guide (published in July 2020) on its website.
The Spanish Data Protection Agency (AEPD)…
The new US-EU Privacy Framework
Of interest to youThe new US-EU privacy framework has arrived. On 10 July, the European Commission adopted the adequacy decision on the US-EU privacy framework.
Does the new US-EU Privacy Framework comply with the adequate level of protection?
The European…
Updated Guide on the Use of Cookies
Of interest to youThe Spanish Data Protection Agency has published on 11 July 2023 the Updated Guide on the Use of Cookies.
Auratech will analyse the new changes included in it, with the aim of informing the user about the importance of using cookies in accordance…
Is the end of spam calls?
Of interest to youWhat does the General Telecommunications Law ("LGT") say about "spam" calls?
Is the end of spam calls? The General Communications Law ("LGT") was published on 28 June 2022.
In its article 66.1.b) it mentions that end users of interpersonal…
Property agency fined for exposing images of minors
Of interest to youThe fine imposed on a property agency for exposing images of minors has highlighted the importance of protecting the rights of minors.
An individual filed a complaint with the Spanish Data Protection Agency, with the aim of highlighting the…
How can I record my employees?
Of interest to youAbsence of the duty to inform when installing security cameras at work.
How can I record my employees?
On 18 May 2022, an individual filed a complaint with the Spanish Data Protection Agency against his employer. He installed video surveillance…
Face recognition in exams: Is it proportionate?
Of interest to youThe Catalan Data Protection Authority (Autoritat Catalana de Protecció de Dades) has sanctioned the Universitat Oberta de Catalunya for collecting biometric data from its students through face recognition, in order to verify that they were…
Orange fined for photographing customers’ ID cards
Of interest to youOrange fined for photographing customers' ID cards at the time of delivering packages to their homes.
Specifically, it photographed the front and back of the ID card.
What was the procedure?
The employee of the delivery company used to…
ChatGPT. Threat or partner?
Of interest to youWhat is ChatGPT?
In order to answer the question "ChatGPT. Threat or partner?"we must first know the meaning of ChatGPT.
It is a natural language processing tool powered by Artificial Intelligence, which allows fluent conversations similar…
The advent of Data Clean Room
Of interest to youThe purpose of finding a balance between Data Protection and the need to share it is an issue that is constantly in the spotlight.
Digital platforms, brands... must have access to user data in order to achieve better performance as closely…
Two Valencian companies fined almost half a million euros for using pirated software
Of interest to youSeveral companies face fine for illegal software
The use of unlicensed software is one of the main threats to digital security in companies. It involves security vulnerabilities for users and companies, giving rise to attempts to invade devices…
Transborder data transfers
Of interest to youThe scope of transborder data transfers
The publication of the General Data Protection Regulation (GDPR) on May 25, 2016 in the European Union, served as inspiration worldwide for the implementation of data privacy laws.
Many countries,…
The risks of using free VPNs
Of interest to youThe risks of using free VPNs are not few in number.
Virtual Private Networks are services that guarantee users' privacy on the Internet. In this way, users can encrypt their connection and anonymize their browsing by allowing them to connect…
Sexual harassment in the company
Of interest to youSexual harassment in the company. Last October 7, Organic Law 10/2022, of September 6, on the integral guarantee of sexual freedom, came into force.
In its article 12, it contemplates the commission of crimes and other conducts against…
Sanction for recording underage soccer match
Of interest to youIn procedure PS/00313/2021, the Spanish Data Protection Agency (AEPD) has imposed a fine of €3,000 on a company specialized in recording soccer matches for capturing images of minors without prior consent from their parents.
Sanction for…
Sending an email without blind copy
Of interest to youIs it possible to send emails with addresses without blind copy?
Sending an email without blind copy can involve fines.
The AEPD states that email addresses are considered personal data. Therefore, their processing must comply with data…
Lack of information on the processing of personal data
Of interest to youThe AEPD imposes penalties to real estate companies of up to 5,000 € for not informing the interested party of the processing of their personal data.
Several affected parties have filed complaints to the AEPD, in relation to the use of their…
Video surveillance cameras on public streets
Of interest to youVideo surveillance cameras that focus on the public highway
Video surveillance cameras on public streets. On January 27, 2022 an individual filed a complaint to the AEPD, due to the installation of video surveillance cameras by another individual,…
How to recover a domain
Of interest to youIn this post we will show the different ways to follow, with the aim to know how to recover a domain name
What is a web domain
How to recover a domain name is the question we should ask ourselves when faced with any problem that may…
Giving bad references of a former employee can cost you €6000
Of interest to youConsequences of giving bad references about a former employee
Fine for giving bad references. The Social Court of the TSJ of Madrid has sentenced a company to immediately cease giving bad references about a former employee to third companies…
Black Friday and Privacy Policy
Of interest to youDoes your website comply with the Data Protection Law for Black Friday?
The importance of the Privacy Policy of websites
On August 26, 2022, an individual filed a complaint to the AEPD against a company for not providing sufficient information…
Preliminary draft of Whistleblower reporting channels.
Of interest to youThe draft law protecting whistleblowers regulates a confidential whistleblowing channel and creates and defines the functions of a new competent authority
Preliminary draft of Whistleblower reporting channels. On March 4, 2022, the preliminary…
Advertising through influencers
Of interest to you theInfluencers, the best tool to reach your target audience.
Advertising through influencers. The widespread use of the communication strategy in social networks has allowed brands to reach the public in a very simple way through the so-called…
Cyclist fined for taking pictures of car number
Of interest to youA cyclist was fined for taking pictures of car number
Cyclist fined for taking pictures of car number. The Bavarian Data Protection Authority (DPA) found the cyclist's action unlawful.
The cyclist's aim was to send the pictures to the police…
Microsoft 365 in German schools prohibited
Of interest to youThe use of Microsoft 365 in German schools is now prohibited. The German Federal and State Data Protection Authorities (hereinafter DSK) have prohibited the use of the Microsoft 365 pack in German schools, due to an incompatibility between the…
The DPO in the European Union
Of interest to youIn this article we will analyse the figure of the DPO in the EU (European Union).
Javier Sempere Samaniego, Data Protection Officer of the Spanish General Council of the Judicial Power, has prepared for the Spanish Professional Privacy Association…
The impact of the new Digital Markets Act (DMA)
Of interest to youThe need to update Directive 2000/31/EC:
The impact of the new Digital Markets Act (DMA). With the advent of the Internet at the end of the 20th century, the increase in digital services, businesses and platforms has had a significant impact…
Whatsapp groups in the company
Of interest to youThe Spanish Data Protection Agency has recently published different resolutions on the prohibition or not of using workers' phone numbers to add them in Whatsapp groups of the company.
These resolutions may seem contradictory to each other,…
Obligatory whistleblower channel for companies
Of interest to youObligatory whistleblower channel for companies. Following the entry into force in 2019 of EU Directive 2019/1937 on the Protection of Whistleblowers, also known as the "Whistleblowing Directive", companies are required to set up an internal…
Digital Services Act (DSA)
Of interest to youOn July 5, 2022, the EU Regulation on the Digital Services Act (DSA) was approved.
The aim of this Act, like the Digital Markets Act (DMA), is to implement the rules that will govern a future European digital single market.
In this way,…
The ICO condened four companies for making abusive commercial calls.
Of interest to youThe ICO condened four companies for making abusive commercial calls. These companies have paid a £370,000 fine, for making more than 800,000 abusive commercial calls to individuals.
These phone calls consisted in offering home repairs. They…