Posts

Cookie Banner Sanction: Consent, Rejection and AEPD Criteria

Cookie banner sanction: consent, rejection, cookie policy and AEPD criteria to avoid fines for non-compliant cookie banners.

Free VPNs: Privacy and Security Risks You Should Know

Risks of free VPNs: activity logging, advertising, fake apps, data leaks and a checklist for choosing a reliable VPN.
FUTBOL

Sanction for recording underage soccer match

In procedure PS/00313/2021, the Spanish Data Protection Agency (AEPD) has imposed a fine of €3,000 on a company specialized in recording soccer matches for capturing images of minors without prior consent from their parents. Sanction for…
correo electrónico

Sending an email without blind copy

Is it possible to send emails with addresses without blind copy? Sending an email without blind copy can involve fines.  The AEPD states that email addresses are considered personal data. Therefore, their processing must comply with data…

Lack of information on the processing of personal data

The AEPD imposes penalties to real estate companies of up to 5,000 € for not informing the interested party of the processing of their personal data. Several affected parties have filed complaints to the AEPD, in relation to the use of their…

Video Surveillance in Public Spaces: GDPR Limits for Private Cameras

When private cameras may capture public spaces, AEPD limits and a checklist to reduce GDPR sanction risk.
dominios web robados

How to Recover a Domain Name: Legal and Technical Steps

How to recover a lost, hijacked or third-party domain: evidence, registrar, ICANN, trademarks, legal action and prevention.

Bad References About a Former Employee: Employment and GDPR Risks

Giving bad references about a former employee may create employment, reputational and data protection risks without a valid basis.

Black Friday and Privacy Policy

Does your website comply with the Data Protection Law for Black Friday? The importance of the Privacy Policy of websites On August 26, 2022, an individual filed a complaint to the AEPD against a company for not providing sufficient information…
anteproyecto de ley

Whistleblowing Channel: From Draft Law to Law 2/2023 in Spain

The draft law on whistleblowing channels led to Law 2/2023 in Spain. What changed and what companies should review.
instagram influencers

Advertising through influencers

 theInfluencers, the best tool to reach your target audience. Advertising through influencers. The widespread use of the communication strategy in social networks has allowed brands to reach the public in a very simple way through the so-called…
Digital Markets Act DMA obligations for gatekeepers and core platform services in the EU.

Digital Markets Act DMA: key obligations

The Digital Markets Act DMA regulates gatekeepers and core platform services. Key obligations and practical effects for digital businesses in the EU.
Company WhatsApp groups and use of employees phone numbers under the GDPR.

Company WhatsApp groups and GDPR

When companies can add employees to WhatsApp groups and what the GDPR requires: legal basis, minimisation and confidentiality.
Mandatory whistleblowing channel for companies under Spain Law 2/2023.

Mandatory whistleblowing channel for companies in Spain

Spain Law 2/2023 requires many companies to implement an internal whistleblowing channel with confidentiality, deadlines and data protection safeguards.
Digital Services Act DSA obligations for online platforms and intermediary services in the EU.

Digital Services Act DSA: key obligations

The Digital Services Act DSA is now applicable, setting obligations for online platforms, marketplaces, search engines and intermediary services in the EU.
Concienciación del empleado

Employee training awareness

We have heard that the weakest link in a security chain is the processing of information by employees. Employee training awareness. Some of the most common risks of not implementing employee training include changing passwords on computers…
Consejos para tener un servicio correcto Protección de Datos

Data Protection Officer Service

The Data Protection Officer Service can be provided internally by means of an employment contract or externally in the framework of a contract of services provided. The General Data Protection Regulation (GDPR) establishes a series of "proactive…
Auratech Legal Solutions - RGPD

New Technologies and Advertising Law

The different disciplines covered by this section of New Technologies and Advertising Law are as follows: New Technologies and Advertising Law. These are some of the services we provide: We advise on regulatory compliance of promotional…
Adaptación E-Comerce

Adaptation of web and App to legislation

It is important to increase legal security in a changing medium such as the digital environment. Therefore, we must ensure that the web and App are correctly adapted to the legislation. In Auratech we offer the service of adaptation and implementation…

Data Protection Audit and ISO ISMS Certifications

Data Protection Audit and ISO ISMS Certifications 1.- Data Protection Audit Data Protection Audit and ISO ISMS Certifications. In the regulation of development of the old LOPD it was clearly stated that a Data Protection Audit should be carried…
Auratech Legal Solutions - Asesoría RGPD

Data Protection advice

To comply with the GDPR legislation with an efficient advice in Data Protection means to give confidence to the clients. We focus on what really matters to you. We are not going to say how many years we have been in the sector, neither the…
Adaptación RGPD

Data Protection Services. Consulting and advice

By hiring our data protection services, you will be able to come into effect with national, European and International privacy regulations in a short period. The main reason for the Data Protection regulations is, year by year, to implement…