Posts

Cookie Banner Sanction: Consent, Rejection and AEPD Criteria
Of interest to youCookie banner sanction: consent, rejection, cookie policy and AEPD criteria to avoid fines for non-compliant cookie banners.

AEPD Cookie Guide: Key Changes for Websites
Of interest to youAEPD Cookie Guide: accept, reject, configure, non-essential cookies, misleading patterns and adaptation deadline for websites.

Photographing Customer ID Documents: GDPR Risks and Data Minimisation
Of interest to youWhy photographing or copying customer ID documents may breach the GDPR and what less intrusive alternatives companies should assess.

Transborder data transfers
Of interest to youThe scope of transborder data transfers
The publication of the General Data Protection Regulation (GDPR) on May 25, 2016 in the European Union, served as inspiration worldwide for the implementation of data privacy laws.
Many countries,…

Free VPNs: Privacy and Security Risks You Should Know
Of interest to youRisks of free VPNs: activity logging, advertising, fake apps, data leaks and a checklist for choosing a reliable VPN.

Sanction for recording underage soccer match
Of interest to youIn procedure PS/00313/2021, the Spanish Data Protection Agency (AEPD) has imposed a fine of €3,000 on a company specialized in recording soccer matches for capturing images of minors without prior consent from their parents.
Sanction for…

Sending an email without blind copy
Of interest to youIs it possible to send emails with addresses without blind copy?
Sending an email without blind copy can involve fines.
The AEPD states that email addresses are considered personal data. Therefore, their processing must comply with data…

Lack of information on the processing of personal data
Of interest to youThe AEPD imposes penalties to real estate companies of up to 5,000 € for not informing the interested party of the processing of their personal data.
Several affected parties have filed complaints to the AEPD, in relation to the use of their…

Video Surveillance in Public Spaces: GDPR Limits for Private Cameras
Of interest to youWhen private cameras may capture public spaces, AEPD limits and a checklist to reduce GDPR sanction risk.

How to Recover a Domain Name: Legal and Technical Steps
Of interest to youHow to recover a lost, hijacked or third-party domain: evidence, registrar, ICANN, trademarks, legal action and prevention.

Bad References About a Former Employee: Employment and GDPR Risks
Of interest to youGiving bad references about a former employee may create employment, reputational and data protection risks without a valid basis.

Black Friday and Privacy Policy
Of interest to youDoes your website comply with the Data Protection Law for Black Friday?
The importance of the Privacy Policy of websites
On August 26, 2022, an individual filed a complaint to the AEPD against a company for not providing sufficient information…

Whistleblowing Channel: From Draft Law to Law 2/2023 in Spain
Of interest to youThe draft law on whistleblowing channels led to Law 2/2023 in Spain. What changed and what companies should review.

Advertising through influencers
Of interest to you theInfluencers, the best tool to reach your target audience.
Advertising through influencers. The widespread use of the communication strategy in social networks has allowed brands to reach the public in a very simple way through the so-called…

Microsoft 365 in Schools: Privacy, Cloud Services and GDPR Lessons
Of interest to youLessons from the Microsoft 365 schools debate: cloud platforms, minors, contracts, international transfers and GDPR compliance.

Digital Markets Act DMA: key obligations
Of interest to youThe Digital Markets Act DMA regulates gatekeepers and core platform services. Key obligations and practical effects for digital businesses in the EU.

Company WhatsApp groups and GDPR
Of interest to youWhen companies can add employees to WhatsApp groups and what the GDPR requires: legal basis, minimisation and confidentiality.

Mandatory whistleblowing channel for companies in Spain
Of interest to youSpain Law 2/2023 requires many companies to implement an internal whistleblowing channel with confidentiality, deadlines and data protection safeguards.

Digital Services Act DSA: key obligations
Of interest to youThe Digital Services Act DSA is now applicable, setting obligations for online platforms, marketplaces, search engines and intermediary services in the EU.

Employee training awareness
Our servicesWe have heard that the weakest link in a security chain is the processing of information by employees.
Employee training awareness. Some of the most common risks of not implementing employee training include changing passwords on computers…

Data Protection Officer Service
Our servicesThe Data Protection Officer Service can be provided internally by means of an employment contract or externally in the framework of a contract of services provided.
The General Data Protection Regulation (GDPR) establishes a series of "proactive…

New Technologies and Advertising Law
Our servicesThe different disciplines covered by this section of New Technologies and Advertising Law are as follows:
New Technologies and Advertising Law. These are some of the services we provide:
We advise on regulatory compliance of promotional…

Adaptation of web and App to legislation
Our servicesIt is important to increase legal security in a changing medium such as the digital environment. Therefore, we must ensure that the web and App are correctly adapted to the legislation.
In Auratech we offer the service of adaptation and implementation…

Data Protection Audit and ISO ISMS Certifications
Our servicesData Protection Audit and ISO ISMS Certifications
1.- Data Protection Audit
Data Protection Audit and ISO ISMS Certifications. In the regulation of development of the old LOPD it was clearly stated that a Data Protection Audit should be carried…

Data Protection advice
Our servicesTo comply with the GDPR legislation with an efficient advice in Data Protection means to give confidence to the clients.
We focus on what really matters to you. We are not going to say how many years we have been in the sector, neither the…

Data Protection Services. Consulting and advice
Our servicesBy hiring our data protection services, you will be able to come into effect with national, European and International privacy regulations in a short period.
The main reason for the Data Protection regulations is, year by year, to implement…

