Data Protection and Information Society
The Data Protection Area provides comprehensive quality advice on the subject of personal data protection to companies in all types of sectors both nationally as well as internationally with the objective of compliance with the obligations arising from the regulation in effect.
In addition, we provide advice to companies rendering services through the internet with the aim of guaranteeing compliance with the legislation on prices, services of the information society and electronic commerce.
We help manage the personal information processed by our clients in fulfillment of the applicable legislation and in a manner in line with their businesses.
For purposes of example, our professional experience in the sector of personal data protection includes:
− Performance of legal and information security audits.
− Projects of adaptation to the General Regulation of Data Protection and O.L. 3/2018.
− Strategies for regulatory compliance.
− Drafting of clauses corresponding in all types of, among others , contracts, applications or dialogues with the parties concerned.
− Negotiation and production of contracts for rendering services between those responsible and assigned to the personal data protection.
− Undertaking the corresponding legal procedures including the procedures for the exercise of the rights of the parties concerned.
− Requests for the authorization of international transfer of personal data as well as advice on the international flow of data within multinational organizations.
− Advice on the management of files of asset solvency.
− Development of an ethics channel for internal grievances.
− Assistance and definition of action protocols in response to information requests and inspection procedures.
− Defense in sanctioning procedures of the Spanish Data Protection Agency.
− Creation and monitoring of internal Data Protection Committees.
− Crisis Management arising from security breaches (obligatory notifications to the SDPA and parties concerned).
− Development of internal training programs directed at those responsible for Security and Compliance.
− Function of external Data Protection Officer or advice and Support to the in-house Data Protection Officer.
In addition, in the area of services related to the information society, our experience covers the following advisory aspects:
− In regard to compliance with the obligations arising from the regulation that regulates the rendering of services of the information society.
− Processes for electronic contracting, including the production of general contracting conditions, privacy policies and legal notices of web pages. Including the request of the necessary consents to comply with the recent Law on Cookies.
− Negotiation and production of the contracts necessary for the rendering of services of the information society.
− Sending advertisements by electronic means and domain names.
− Advice to national state-owned companies on the subject of electronic administration.
− Auditing and adaptation to the General Data Protection Regulation and O.L 3/2018 to a company conducting retail sales through electronic commerce.
− Auditing and adaptation to the General Data Protection Regulation and O.L 3/2018 to an international company in the sector of the wholesale and retail toy business.
− Auditing and adaptation to the General Data Protection Regulation and the O.L. 3/2018 to an international company in the railway sector.
− Recurring legal advice on personal data protection to a multinational company engaged in the transportation of travelers.
− Recurring legal advice on the subject of privacy to various companies engaged in the development and sale of mobile apps.
− Advice to various clients executing long-distance contracts.
− Drafting online competition rules.