The Spanish Data Protection Agency ("SDPA") has published a series of documents with the purpose of assisting data controllers and data processors (especially SMEs) to comply with the requirements of the new General Data Protection Regulation ("GDPR"), which will be enforceable on May the 25th 2018.
The aforementioned documents provide guidelines to entities processing personal data so that they can start to adapt their processes in order to meet the new requirements set forth by the GDPR during this transitional period.
In particular, the SDPA has published 3 documents:
The 3 Guidelines have been included in a brand new section of the SDPA's webpage that is entirely dedicated to the new GDRP. This section already includes other material prepared by the SDPA in relation to the GDPR. Moreover, the SDPA is currently developing a self-evaluation online tool with the purpose of assisting SMEs in ascertaining if they are just carrying out data processing operations that have minor impact on the data subjects' privacy rights, providing them in such case with guidance on the measures envisaged by the GDPR for this scenario.
If you are preparing yourself for the new GDPR and you need assistance, please do not hesitate in contacting us.