GENERAL REGULATION FOR DATA PROTECTION: NOVELTIES

Dic 13, 2017

On 25th May 2018, the Spanish General Regulation for Data Protection (“RGPD”) is expected to be applied, with the following novelties regarding the Data Protection Law (“LOPD”) currently in force to be stressed:

       I. So far, the regulations had only been applied to those persons responsible for or in charge of data processing                with domicile in the European Community. The new territorial scope, however, also includes non-resident                    responsible persons whose data processing activities are related to the supply of goods and services to EC-                    citizens or to the control of these within the Community.

 

       II.The data subjects’ rights are extended to the so-called right “to be forgotten” and the right of portability,                       meaning that the citizens’ personal data must not be disseminated through the Internet when the permission               no longer exists, the data have been illicitly obtained or the purpose they were collected for has been                               accomplished, and that the data must be recoverable in a way that they can easily be transferred to another                   responsible.  

 

       III. What the consent for the treatment of personal data refers to, a tacit approval as laid down under the                              original     Data Protection Law (LOPD) shall no longer be considered valid; the new regulations rather                          require a free, explicit and informed consent.

 

         IV. Proactivity based on technical and organizational protection measures adopted by companies that process                   personal data.