In order to ensure the confidence of your customers and suppliers is important to pay attention to the rules on Spanish data protection, 

these rules are applicable to all companies, including medium and small, to keep personal information private.

In the course of the day to day running of any business, companies and SMEs should remember that they handle their customers, suppliers and employees personal data. This stems from the initial contact with potential customers or job applications as well as the keeping of invoices, payroll and so on. Therefore you should be certain that your professional activity meets the requirements of the Spanish Data Protection Agency.

Also many professionals handle personal data daily which is protected by the Spanish Data Protection Act, when filing the names, addresses and telephone numbers you are already handling personal data and you should have the necessary consent from the people whose information you are handling..

That is why all professionals and SMEs should be aware of the criteria to be fulfilled and certain obligations in order to meet the requirements of the Spanish Data Protection Act and guarantee and protect personal data:

  •  Manage the necessary steps with the authorities and comply with safety standards, auditing and staff training.
  •  Obtain the prior and necessary data holders consent.
  •  Implement in the field of activity necessary security measures.
  •  Respect the rights of access, rectification, cancellation and opposition of the people whose data is processed by the company.

In addition, you should know that not all activities have the same safety requirements, there are three levels according to the degree of importance and protection: basic, medium or high, the latter group includes those activities dealing with data ideological beliefs, origin being in the latter racial, health or sexual life.

At Pellicer & Heredia we advise you not underestimate the importance of the Data Protection Act or the consequences for those, professionals and companies which do not comply with the rules, because the fines arising from infringements regulated range from 600 euros to 600,000 euros approximately. Therefore, feel free to contact our data protection specialized department in order that our lawyers can help your business meet and adapt to the law.