Data protection lawyers
Our data protection lawyers carry out all types of actions in both administrative and Administrative Litigation (Contencioso-Administrativo) proceedings.
Data protection concept
Data protection consists of the set of measures to guarantee and protect personal data (any information concerning identified or identifiable natural persons) recorded on a physical medium, which makes it susceptible to processing, and any form of subsequent use of such data by the public and private sectors, for the purpose of guaranteeing and protecting the public freedoms and fundamental rights of natural persons, and especially their honour and personal and family privacy.
The European Data Protection Regulation and Organic Law 15/1999 of 13 December 1999 on the Protection of Personal Data form the framework of obligations that any company or professional who processes personal data in the performance of their professional activity must comply with.
Importance of data protection
Today, virtually all companies process personal data, as failure to do so could result in heavy penalties from the Spanish Data Protection Agency (AEPD).
Thus, the activity of any company requires the use and processing of personal data (from the information of its employees to that of its own customers).
This makes it necessary to adapt, adapt and review the operation of the company in question to current data protection regulations.
Principles of data protection
For the due and proper protection of data, the AEPD establishes a series of principles, which are detailed below:
- Information to the interested party.
- Data quality.
- Consent of the data subject.
- Specially protected data.
- Duty of secrecy.
- Data security.
- Health-related data.
- Data communication.
- Access to data on behalf of third parties.
Data protection procedures
In accordance with the subject matter that emerges from these, we can highlight the following as the main data protection procedures before the AEPD, and which are widely known by our data protection lawyers:
- Protection of rights of access, rectification, cancellation and opposition.
Exercise of the power to impose penalties
- Immobilisation of files.
- Preliminary actions.
- Sanctioning procedure.
- Declaration of infringement of the Organic Law on Data Protection by Public Administrations.
- Registration of the creation, modification or deletion of files.
- Ex officio deletion of registered files.
International data transfers
- Authorisation of international data transfers.
- Temporary suspension of international data transfers.
- Registration of type codes.
Information to the interested party
- Exemption from the duty to inform the data subject.
- Authorisation of preservation for historical, statistical or scientific purposes.
What do we do as data protection lawyers?
Our team of data protection lawyers will be able to deal with the following actions – provided that they are focused on administrative and contentious-administrative proceedings:
- Data protection reports.
- The timely formalisation, implementation and/or adaptation of data files.
- Implementation, review and adaptation of data protection protocols.
- The rights of access, rectification, cancellation and opposition.
- Drafting, amending or adapting the appropriate confidentiality agreements.
- Filing of the appropriate claims for damages that may have been caused to a third party as a result of a breach of data protection regulations.
- Filing administrative complaints against third parties who have infringed the applicable data protection regulations.
- Formalisation of the appropriate allegations and lodging of the corresponding appeals (both administrative and judicial) in sanctioning proceedings initiated, instructed and resolved by the AEPD.
- Intervention in those cases in which an irregular inclusion in debt collection files has been carried out, claiming the damages caused in this respect.