Search

Data breaches under Spanish law

The additional provision 9 of Organic Law 3/2018 provides that public authorities, computer emergency response teams (CERT), security incident response teams (CSIRT), network and electronic communication providers and security technology providers may only process personal data contained in security notifications during the threat. They shall strictly use personal data for analysis, detection as well as protection while implementing adequate security measures. (link)

Reporting a data breach in Spain

Data breaches can be reported to the AEPD via this online form. Detailed instructions on the data breach assessment and reporting process is available in this guide in English. The guide contains a reporting form draft in Annex II.

activeMind.legal Rechtsanwaltsgesellschaft is a law firm specialising in data protection law. With our partner firms in the UK and Switzerland, we cover all aspects of GDPR compliance and national data protection law in Europe.

Munich

activeMind.legal
Rechtsanwaltsgesellschaft m. b. H
Potsdamer Straße 3
80802 Munich, Germany

+49 (0) 89 / 919 29 49 00

Berlin

activeMind.legal
Rechtsanwaltsgesellschaft m. b. H
Kurfürstendamm 56
10707 Berlin, Germany

+49 (0) 30 / 770 19 10 70

Services

Resources

About

Group

© 2016-2024 activeMind.legal

powered by rethink digital & KLEINWERKSTATT

Contact us!

+49 (0)89 / 91 92 94 – 900

Full details of how we handle your data can be found in our privacy policy.

Secure the knowledge of our experts!

Subscribe to our free newsletter:

By clicking on "Subscribe now" you consent to receive our newsletter. We will only use your data in accordance with our privacy policy.