Home
News
Leading Marketing Agency since 2004, Costa del Sol

IF YOU HAVE A BUSINESS IN SPAIN YOU NEED TO KNOW THIS… 

New data protection laws come into force on 25 May 2018. Your company must comply fully or you can be fined up to 20€ million or 4% of your company’s global annual turnover.

Forget going under the radar, the Delegado Proteccion de Datas will visit your company to enforce the legislation. If your business doesn’t fully adhere to the rules, it will result in a hefty financial penalty

The new General Data Protection Regulations (GDPR) are designed to ensure stricter standards for securing and protecting personal data and to remove obstacles to cross-border trading throughout the EU. Both historical and future data on EU citizens will be affected.  The only way to avoid it is to exclude all data on EU citizens, which isn’t an option if your company is in Spain and your customers are EU citizens.

Adherence to the current Data Protection Act is a good start but you must also implement additional measures. It is your responsibility as a company owner to know your legal obligations and to ensure full compliance or face a fine of up to 20€ million or 4% of your company’s global annual turnover.

How it affects your company

GDPR covers all aspects of data collection and protection and so it will affect your website, landing pages and email marketing.All GDPR measures must be implemented before 25 May 2018. These include:

  • User opt-in – all forms must have the correct tick boxes (pre-ticked is unacceptable)
  • Third-party tracking – you are responsible for using GDPR compliant third-parties
  • Database – must be brought up to GDPR standards
  • Online payment- all details must be removed after a reasonable period
  • Security on your website
  • Emails can only be sent to people who have opted-in
  • Cookie Notice, Privacy Policy and Terms and Conditions must be relevant to your product and approved by your legal advisers.
  • And much more..

What you need to do

  1.  Firstly, get legal advice.
  2. Check if you are already signed up for GDPR (LOPD- Spanish data protection). If not, do so immediately, as a member of your staff must take the course and start implementing the necessary procedures before 25th May).

How Redline can help you

Redline can help you implement the required changes on your website etc., but remember it is your responsibility as a company to make sure all procedures are in place.

Please note, that this information is for guidance only and we strongly recommend that you get legal advice immediately to ensure that your business is fully compliant.

Further useful information:

Agencia Española de Protección de Datos

LOPD to RGPD: Countdown for Adapting to a Tougher System

European Commission – Questions and Answers General Data Protection Regulation

Preparing for the General Data Protection Regulation (GDPR)

SIGN UP TO OUR BLOG

Informative clause In accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the Organic Law on Data Protection 3/2018 of 5 December, we inform you that the data you provide will be processed by the owner Redline Solution SLU with CIF B92578020 are processed in order to attend and respond to contact requests, requests for information and/or queries received and/or to send commercial prospecting or information about our products or services. The legitimacy of the processing is based on the consent of the interested party. No data will be passed on to third parties unless legally required to do so. You may exercise your rights of access, rectification and deletion of data, as well as other rights, as explained in the additional information. You can consult the additional and detailed information on data protection by clicking on the PRIVACY POLICY or by sending an email to: [email protected].

POPULAR POST

BOOK A MEETING

    Informative clause

    In accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the Organic Law on Data Protection 3/2018 of 5 December, we inform you that the data you provide will be processed by the owner Redline Solution SLU with CIF B92578020 are processed in order to attend and respond to contact requests, requests for information and/or queries received and/or to send commercial prospecting or information about our products or services. The legitimacy of the processing is based on the consent of the interested party. No data will be passed on to third parties unless legally required to do so. You may exercise your rights of access, rectification and deletion of data, as well as other rights, as explained in the additional information. You can consult the additional and detailed information on data protection by clicking on the PRIVACY POLICY or by sending an email to: [email protected].