Category: GDPR

GDPR

Spain’s Proposed Child Online Safety Law introduces major new compliance obligations for Digital Service Providers

Spain has introduced a far-reaching legal framework to protect minors online, requiring businesses to adopt proactive compliance with new digital safety and data protection obligations. Spain is advancing comprehensive legislative reforms aimed at strengthening protections for children and adolescents in the digital environment. The proposed Ley Orgánica de protección de menores en entornos digitales (Organic

ICO’s 2025 Anonymisation Guidance: Turning Personal Data into a Privacy Asset

Explore how the ICO’s March 2025 guidance helps organisations use anonymisation to unlock data value while meeting UK GDPR compliance and strengthening accountability. As the prevalence of data-driven innovation increases, organisations must ensure that this data is being handled with the necessary level of responsibility, which for some data means that anonymisation is necessary. On

Child safety regulations: For businesses and organizations operating in the EU

The European Commission strengthens child safety regulations with the Digital Services Act and Age-Appropriate Design code.  In 2024, the European Commission made significant progress in advancing child safety regulations under the Digital Services Act (DSA). As digital platforms play an increasingly central role in children’s lives, the EU has intensified its focus on ensuring their

The UK’s Children’s Code: Update for businesses processing children’s data

The ICO has provided recommended business practices for businesses processing children’s data in the UK, to ensure compliance with the UK’s Children’s Code.   The UK’s Children’s Code (also known as the Age-Appropriate Design Code) sets out key data protection requirements for online services that process children’s personal data. Enforced by the Information Commissioner’s Office

Free Direct Marketing Advice Generator launched by the ICO

The ICO has launched a free Direct Marketing Advice Generator to help organisations stay compliant with UK laws. The Information Commissioner’s Office (ICO) has launched a free online tool to help organisations ensure their direct marketing activities comply with UK law. This tool, coined the Direct Marketing Advice Generator, is designed to provide tailored compliance

Pseudonymisation guidelines adopted by the EDPB, along with steps to enhance collaboration with competition authorities

The EDPB released new guidelines on pseudonymisation and a position paper on data protection and competition law to strengthen GDPR compliance. In January 2025, the European Data Protection Board (EDPB) made a significant regulatory announcement during its plenary meeting, by adopting new pseudonymisation guidelines, as well as issuing a position paper on the interplay between

The ICO provides tips on data protection

Prioritizing data protection for your business in 2025: ICO provides tips As you undertake business operations this year, there’s one crucial element that shouldn’t be overlooked—data protection. Getting data protection right from the start will not only ensure compliance with data privacy laws but also help you build trust with customers, suppliers, and partners alike.

A year of Data Protection Law: 2024 review

Throughout this year, the EU and the UK have experienced several notable developments in data protection. In this article, we will highlight some of the key milestones of 2024.   The year began with an ever relevant reminder, advising UK organisations on the transfer of personal data to the US under the UK GDPR, stressing

A Polish catering company was fined €54,600 for a data breach after an employee lost a flash drive with sensitive data.

A Polish catering company was fined €54,600 for failing to protect personal data after an employee lost a flash drive containing sensitive information, revealing vulnerabilities in the company’s data security. The Polish Data Protection Authority (UODO) recently fined Res-Gastro M. Gaweł Sp. k., a catering company in Kolbuszowa, Poland, €54,600 for failing to implement adequate

Aphaia participates in the event organised by NAIR Center about AI and society in Pamplona

Aphaia’s Managing Partner Cristina Contero Almagro offered a presentation about the Future and Regulation of Artificial Intelligence in Spain at the “AI and Society: Challenges and Opportunities” event organised by NAIR Center in Pamplona on 21st November.   On 21st November, Pamplona became the center of critical discussions about the intersection of artificial intelligence (AI)