Privacy and Protection of Personal Data

One of the biggest transformations brought about by technological innovations such as the Internet has been the capacity to store, access and exploit information, the best-known example of which is personal data.

Guaranteeing and protecting individuals’ fundamental rights, honour and privacy require the specific advice we offer our customers, both with regard to companies’ compliance with legal requirements, and protecting the rights of the holders of those rights. Our advice covers, amongst other things:

Corporate compliance

  • Companies’ compliance with the legal requirements concerning the protection of personal data.
  • Drafting privacy policies and procedures for protecting personal data.
  • Ensuring security measures are adequate.
  • Management and resolution of the exercise of the rights of access, rectification, erasure and objection (“AREO” rights).
  • Design and adaptation of reporting channels.

Audits

  • Biannual statutory audits and the auditing of security measures.
  • Preparation of the Security Document and adaption of Security measures to comply with legal obligations.
  • “Website auditing” (analysing content relating to image rights, privacy, honour, privacy policies, cookies) of the different areas of the website, sections, social networks, blogs, forums and links to other sites.

Legal texts, agreements

  • Drafting agreements governing confidentiality and the processing of personal data.
  • Data Processor and subprocessor agreements (access to data on behalf of third parties), assignment of databases.
  • Drafting texts for compliance with information obligations, obtaining consent.
  • Special clauses for “cloud computing”.
  • Special clauses for obtaining consent for receiving advertising via electronic media.
  • Obtaining consent for specially protected data.

International data transfers

  • Agreements with standard EU clauses and specific clauses.
  • “Binding Corporate Rules” for international transfers of data.

Administrative and court proceedings

  • Planning, determination of the structure and registration of files with the Spanish Data Protection Agency. Erasure of files.
  • Assistance with informative, protection of rights and disciplinary proceedings.
  • Obtaining authorisation for international transfers of data and other authorisations and communications.
  • Procedure for obtaining exemption from the duty to inform.
  • Appeals for judicial reviews to the Spanish High Court in relation to the protection of personal data.

Other

  • Exercising the rights of access, rectification, erasure and objection (“AREO” rights).
  • Exercising AREO in relation to files concerning financial solvency, advertising and commercial research.
  • Exclusion files for the sending commercial communications.

 

More information about the Digital Law Department (ITC) | Lisbon & Porto (Portugal)

 

Madrid

Belzuz Abogados - Madrid office

Nuñez de Balboa 115 bis 1

  28006 Madrid

+34 91 562 50 76

+34 91 562 45 40

This email address is being protected from spambots. You need JavaScript enabled to view it.

Lisbon

Belzuz Abogados - Lisbon office

Av. Duque d´Ávila, 141 – 1º Dtº

  1050-081 Lisbon

+351 21 324 05 30

+351 21 347 84 52

This email address is being protected from spambots. You need JavaScript enabled to view it.

Oporto

Belzuz Abogados - Oporto office

Rua Julio Dinis 204, Off 314

  4050-318 Oporto

+351 22 938 94 52

+351 22 938 94 54

This email address is being protected from spambots. You need JavaScript enabled to view it.

Associations

  • 1_insuralex
  • 3_chambers_global_2022
  • 4_cle
  • 5_chp
  • 6_aeafa