We advise you so that data protection becomes an integrated procedure within your organization and a competitive advantage, rather than an obstacle that paralyses your activity.
As personal data protection and privacy lawyers, we can help you
Current personal data protection regulations impose a large number of mandatory requirements. Respect for privacy and the processing of personal data in line with the provisions of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation) and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights, among other complementary and sectorial regulations, require continuous attention from companies and organizations in order to achieve efficient compliance and avoid the imposition of fines and other sanctions.
However, compliance need not be seen solely as a burden, but can be a real competitive advantage for businesses. We can help you maximise the benefits of complying with privacy and personal data protection regulations.
As expert data protection and privacy lawyers, our firm offers you the following data protection services:
- Implementation of the General Data Protection Regulation
We solve problems and provide solutions for compliance with personal data protection regulations in a personalized and objective manner. Regardless of the sector your company comes from, we will help you comply with the law and be able to demonstrate that you have complied with it.
- Risk analysis, data protection impact assessments (DPIA) and privacy by design
Any personal data processing operation involves risks and has a legal impact. An analysis prior to its implementation makes it possible to identify risks, prevent their consequences, reduce costs and comply with regulations.
- Ongoing legal advice on data protection issues
Solve any doubt or question related to the basic principles and ARCO-POL rights (access, rectification, deletion (cancellation), opposition, portability, forgetting and limitation of processing), transfers, international data transfers, data controllers and data processors, video-surveillance, conflicts between company and employee, etc.
We also offer legal advice on best practices in the field of personal data protection concerning cloud computing, internet of things, big data, artificial intelligence, e-commerce, marketing online, use of cookies and other similar information storage devices.
- International data transfers
Establishment of safeguards for transfers of personal data to third countries or organizations: standard contractual clauses, binding corporate rules, adequacy decisions, etc. We have a team of specialists in international data flows, which are increasingly typical in a globalized world.
- Data Protection Officer
If your company requires a data protection officer and you prefer to have an external qualified professional, you can count on us. We offer you the external service of Data Protection Officer. We also advise your company’s Data Protection Officer, if you already have one. Our objective, in either case, is to provide added and differential value to your company.
- Advice and defense in disciplinary proceedings
Legal assistance in case of inspection by the Spanish Data Protection Agency (AEPD), filing of appeals, preparation of the appropriate legal defense strategy, etc. Our work is aimed at achieving two objectives: avoiding a sanction and reducing the reputational impact that being immersed in an administrative process before the AEPD may have on the market.
- Lodging of claims and complaints
We advise you on the filing of complaints and claims before the AEPD and the courts of justice when you have been a victim or when your rights relating to privacy and the protection of personal data have been violated.
The most frequently raised claims are those related to internet services, unauthorized inclusion in debt collection files, video surveillance, receipt of advertising and debt claims, but they are not the only ones. As lawyers dedicated to privacy you can count on us.
Case studies
- We were in charge of designing and carrying out the DPIA for the technology company in the insurtech sector, Cobertoo, in the framework of the 2021 Spanish financial sandbox. Final report accepted and approved by the Spanish Data Protection Agency (AEPD) and the Directorate General of Insurance and Pension Funds which allowed the company to start testing the sandbox. The AEPD had originally rejected the report prepared by another law firm as deficient.
- We were in charge of carrying out and designing the DPIA for the technology company in the insurtech sector, Tuilli, in the framework of the Spanish financial sandbox 2021. Report accepted and approved by the Spanish Data Protection Agency and the Directorate General of Insurance and Pension Funds, which allowed the company to start testing the sandbox.