Santiago De Ampuero Castellanos

Santiago De Ampuero Castellanos

Hogan Lovells

Contact
View Bio
RSS

Latest Posts › Personal Data

Share:

Spanish DPA´s guidelines for humanizing automated decisions

The Spanish Data Protection Agency ("Spanish DPA") has recently published on its blog guidance on the assessment of human intervention in automated decisions. Evaluating the degree of human intervention has become a critical...more

3/12/2024  /  Cybersecurity , Data Protection , General Data Protection Regulation (GDPR) , Personal Data , Spain

Nuevo Informe de la Agencia Española de Protección de Datos sobre los Sistemas Internos de Información

La Agencia Española de Protección de Datos (AEPD) ha publicado un nuevo informe sobre los sistemas internos de información en el contexto de la Ley 2/2023 de 20 de febrero, reguladora de la protección de las personas que...more

3/4/2024  /  Cybersecurity , Data Privacy , Data Protection , Personal Data , Spain

Second time´s a charm – Spanish DPA's decision on NOYB vs. Google Analytics Part 2

Following NOYB's filing of 101 complaints over continuous EU-U.S. data transfers by websites operators in the European Economic Area (EEA) in the post-Schrems II era, the Spanish Data Protection Agency (AEPD) issued its first...more

2/1/2024  /  Cybersecurity , Data Collection , Data Protection , EU , General Data Protection Regulation (GDPR) , Google , International Data Transfers , Personal Data

Spanish Data Protection Agency’s Guidance on age verification

The Spanish Data Protection Agency (Spanish DPA) has published guidance on age verification and protection of minors from inappropriate content. After a year of sanctions to adult content service providers, the Spanish DPA...more

1/3/2024  /  Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Personal Data

Sending personal data, receiving non-personal data: Recent EU judgment reinforces the power of pseudonymization

A new EU General Court ruling has nuanced the threshold between pseudonymous and anonymous data. In particular, it clarifies that supervisory authorities need to carry out a “test” to assess whether data can be deemed...more

5/5/2023  /  Cybersecurity , Data Privacy , Data Protection , EU , General Data Protection Regulation (GDPR) , International Data Transfers , Personal Data

Public consultation on binding rules for phone marketing – Spanish update

The Spanish Data Protection Authority has opened a public consultation process to obtain comments for an incoming decision establishing the rules for commercial communications via telephone. This decision will be binding upon...more

5/2/2023  /  Cybersecurity , Data Protection , Data Protection Authority , EU , General Data Protection Regulation (GDPR) , Personal Data , Public Consultations , Spain

Pharmacovigilance in Spain: Takeaways from the new code of conduct (Part 2)

Some weeks ago, we described the highlights of the new "Code of Conduct on the processing of personal data in the field of clinical trials and other clinical research as well as pharmacovigilance" (CoC) and the impact on data...more

5/9/2022  /  Clinical Trials , Code of Conduct , Cybersecurity , Data Protection , General Data Protection Regulation (GDPR) , Personal Data , Research and Development , Spain

Clinical trials in Spain: Takeaways from the new code of conduct (Part 1)

Last week we raised our hands to inform you about the Spanish Data Protection Authority’s approval of the "Code of Conduct on the processing of personal data in the field of clinical trials and other clinical research as well...more

3/10/2022  /  Clinical Trials , Code of Conduct , Cybersecurity , Data Controller , Data Processors , Data Protection , Data Protection Authority , General Data Protection Regulation (GDPR) , International Data Transfers , Personal Data , Research and Development , Spain

Heads up! New Spanish Code of Conduct on personal data in clinical trials and pharmacovigilance

The Spanish Data Protection Authority published on Friday on its website the new "Code of Conduct on the processing of personal data in the field of clinical trials and other clinical research as well as pharmacovigilance"...more

3/1/2022  /  Clinical Trials , Code of Conduct , Data Protection , Data Protection Authority , EU , General Data Protection Regulation (GDPR) , Personal Data , Pharmaceutical Industry , Spain

New EU guidance on GDPR right of access (open for public consultation)

The “right of access” recognized by art.15 GDPR is one of the most fervently exercised rights by individuals. Nowadays, where companies tend to amass considerable amounts of information and carry out data processing...more

2/1/2022  /  Data Protection , Data Subject Access Requests , Data Subjects Rights , EU , European Data Protection Board (EDPB) , General Data Protection Regulation (GDPR) , New Guidance , Personal Data , Public Consultations , Right of Access

How much can your car know about you? – EU guidelines on data protection and connected vehicles

Cars today are able to keep us permanently plugged-in, while collecting and generating increasing amounts of information as a result of their interaction with the driver, passengers, pedestrians, other vehicles, road...more

3/24/2021  /  Artificial Intelligence , Automation Systems , Automotive Industry , Biometric Information , Connected Cars , Data Collection , Data Privacy , Data Protection , Driverless Cars , EU , European Data Protection Board (EDPB) , General Data Protection Regulation (GDPR) , Innovative Technology , Motor Vehicles , Personal Data , Regulatory Standards

Spanish DPA shakes the privacy status quo in Spain – highest fines yet on personal data

The Spanish Data Protection Agency (“Spanish DPA”) decided to start 2021 the same way it ended 2020: by imposing the highest fines to date (EUR 5,000,000 and 6,000,000) to two large Spanish financial entities. ...more

3/11/2021  /  Cybersecurity , Data Privacy , Data Protection , Data Protection Authority , Enforcement Actions , EU , Financial Institutions , Fines , General Data Protection Regulation (GDPR) , Personal Data , Personally Identifiable Information , Spain

Nueva guía del Comité Europeo de Protección de Datos sobre (co)responsable y encargado bajo el RGPD

Aunque los conceptos de responsable y encargado del tratamiento han sido ampliamente estudiados y analizados en el pasado, el Comité Europeo de Protección de Datos ha publicado recientemente una guía en la que, además de...more

9/21/2020  /  Cybersecurity , Data Controller , Data Processors , Data Protection , EU , General Data Protection Regulation (GDPR) , International Data Transfers , Personal Data , Personally Identifiable Information , Risk Management

El Comité Europeo de Protección de Datos y el targeting en redes sociales

Nadie puede ignorar la importancia de las redes sociales hoy en día. A nivel usuario, se han erigido como uno de los principales canales de comunicación y pilar de las nuevas (o no tan nuevas) generaciones, y a nivel de...more

9/10/2020  /  Cybersecurity , Data Protection , Personal Data , Social Media , Social Networks

The Spanish DPA's new take on cookies: back to express consent

Last November, the Spanish Data Protection Authority (Spanish DPA) published its new Guidelines on the Use of Cookies within the framework of the GDPR and Spanish E-privacy rules. ...more

7/31/2020  /  Cookies , Cybersecurity , Data Protection , Data Protection Authority , e-Privacy Directive , EU , EU Data Protection Laws , General Data Protection Regulation (GDPR) , International Data Transfers , Personal Data , Personally Identifiable Information , Regulatory Requirements , Spain

Should I Be Worried About the GDPR? – EDPB’S Guidelines on the GDPR’S Territorial Scope

Does the GDPR really apply to my company? From a data protection standpoint, this is the first thing that comes to mind within non-EU companies. In many cases, the GDPR seems like an issue of the Old Continent, so some assume...more

12/31/2019  /  Consumer Privacy Rights , Corporate Counsel , Cybersecurity , Data Processors , Data Protection , EU , EU Data Protection Laws , European Data Protection Board (EDPB) , Extraterritoriality Rules , General Data Protection Regulation (GDPR) , International Data Transfers , Jurisdiction , Personal Data , Personally Identifiable Information , Popular , Regulatory Oversight , Regulatory Requirements , Risk Management

Spanish DPA on Use of Cookies: Continued Browsing is Consent

On November 8, the Spanish data protection authority (AEPD) published new Guidelines on the Use of Cookies (Guidelines) (Spanish only). The Guidelines have been prepared in collaboration with different organisations in the...more

11/20/2019  /  Advertising , Consent , Cookies , Data Management , Data Protection , Data Protection Authority , E-Commerce , General Data Protection Regulation (GDPR) , Information Management , Information Technology , Internet , Mobile App Privacy Guidelines , Mobile Apps , Online Advertisements , Personal Data , Spain , Transparency , Web Browsers , Web Tracking , Websites

Spanish DPA Publishes Guide for Satisfying PbD Obligation

On October 17, the Spanish data protection authority (AEPD) published the Guide to Privacy by Design (Guide). While Privacy by Design (PbD) first became a legal requirement in the EU with implementation of the General Data...more

11/7/2019  /  Cybersecurity , Data Management , Data Processors , Data Protection , Data Protection Authority , Data Security , EU , General Data Protection Regulation (GDPR) , New Guidance , Personal Data , Spain , Transparency
18 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide