Organic Law on Data Protection (LOPD). A law that goes further.

The Organic Law of Data Protection (LOPD) is an omnipresent law in the world of business and affects several fields within it.

A year has passed since the European Data Protection Regulation (GDPR) came into force. At that time, it caused rivers of ink to flow in the press and produced many uncertainties about the legality of the data they were dealing with. The use they made of these data and whether or not they could continue to send advertising to their customers.

Subsequently, at the beginning of December last year, the new Organic Law on Data Protection and Guarantees of Digital Rights, LOPD, came into force. Not only did it adapt our legislation to European regulations, but it also addressed, from the point of view of Data Protection, matters in the workplace (control of employee devices, geolocation, disconnection of hours) and established new digital rights for citizens.

As if this were not enough, last March the RDL on Social Protection and the Fight against Precarity in the Workplace was published. This included, among other measures, the compulsory hourly register for all companies. This change, although it may go unnoticed, also has an impact on Data Protection.

Organic Law on Data Protection. Present daily.

There is no doubt that all these legislative changes imply greater formal obligations that we have to comply with if we do not want to face heavy sanctions. Both the Data Protection Agency and the Labour Inspectorate.

Complaints to the Data Protection Agency continue to increase. And all the companies that process data are exposed to them. Even in activities that apparently do not have great risk attending to the treated data: an unsatisfied client or a despised employee are potential denouncers.

Some of our customers have already faced the first complaints. That we have been able to save without penalty, by being able to prove due diligence in the processing of data made by our customers.

For this reason, from our Legal Consulting Department we recommend you not to forget the adaptation to the regulations on Data Protection, since although it is no longer journalistic, the obligation continues to exist and the first inspections, as we have indicated, are arriving.

Advice.

With minimum diligence measures such as these:

review of the data processing carried out
of the legal basis of the treatment
of the security measures implemented
transparency of information to data subjects

All this duly documented, we will place ourselves in a status of minimum compliance. This would be a reasonable starting point, as the standard points to a progressive increase in compliance.

If we add to the above specific policies for the use and control of digital devices made available to employees. We will avoid:

on the one hand, labor conflicts
security breaches in our companies
and demonstrate greater diligence and commitment to regulatory compliance, something increasingly considered in the field of sanctioning.

We understand that with a minimum effort they can lessen their responsibility. For this reason, we are once again at your disposal to accompany you in this task. From the knowledge we have of their companies and the matter.

Our Legal Department will provide you with the support you need.