LOPD Consulting: data protection company

Complies with the Data Protection Law

Comprehensive LOPD / GDPR consulting service for your business. It complies with the regulations in the most efficient and economical possible with a totally tailored solution of the reality of your company.

Company obligations
Budget for SMEs and large companies

In the digital age, the application of data protection requires a prominent role for technology as a guarantee element.

What is the LOPD?

What is the LOPDGDD?

The Organic Law on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD) has been in force since December 2018. The changes introduced by this law affect the majority of Spanish companies (small, medium and large).

Data Protection makes it easier for citizens to exercise their rights of access, rectification, limitation of processing, deletion, portability, and opposition to the processing of their data.

It is also regulated how it should be reported to people about the processing of their data and entails a set of obligations for both those responsible and those in charge of the treatment.

What does LOPDGDD mean?

The LOPDGDD is the Organic Law on Data Protection and Guarantee of Digital Rights, a Spanish regulation that adapts and complements the General Data Protection Regulation (GDPR) of the European Union. It came into force in December 2018.

At Edorteam, we take care of everything to guarantee our clients’ proper compliance with the Data Protection Law, unifying legal consulting and customized IT solutions.

What data protection obligations do companies have?

To comply with the Organic Law on Data Protection we must:

N

Register the treatments performed.

N

Obtain consent expressly and through positive action.

N

Provide more information about the data processing (legal basis, maximum time of data conservation, identity of the Data Protection Officer, existence of automated decisions, international transfers ...).

N

Guarantee the exercise of the rights of access, rectification, deletion (right to be forgotten), limitation, portability, and opposition.

N

Update the website's privacy notices to adapt them to both the GDPR and the LOPDGDD, and be prepared to include them in contracts and forms.

What to do in the event of a telegraph?
What are the obligations of the Spanish data protection law?

In addition, we must enter into written contracts between those in charge of the treatment and those responsible, including the instructions from the person in charge to the person in charge in relation to security measures, the subcontracting regime, confidentiality and the destination of the data once the service has been provided.

What are the data protection sanctions?

The sanctioning regime of the LOPDGDD maintains the classification of the old LOPD 15/1999, distinguishing between very serious, serious, and minor, according to the degree of affectation of the data.

To apply one or another sanction too circumstances will be taken into account such as the continued nature of the offense, the link between the activity of the offender and the treatment, the effect on the rights of minors, etc.

Today, it is no longer enough to comply with the law at an administrative level; it is essential to have the best advice on cybersecurity for your business IT network. The continuity and reputation of your business are at stake.

Penalties of 300,000 to 600,000 euros

Those that suppose a substantial violation of the treatment and have to do with the use of the data for a purpose other than the one announced, the omission of the duty to inform the affected party, the requirement of a payment to be able to access the stored data or the international transfer of information without guarantees among others.

Penalties of 60,000 to 300,000 euros

Those that suppose a substantial violation of the treatment and have to do with data of a minor collected without consent, lack of adoption of technical and organizational measures necessary for the effective protection of data or, for example, the breach of the obligation to appoint the person responsible or data controller.

Penalties of 600 to 60,000 euros

The rest that are not included in the previous groups.

Ask us any question

Do you need personalized advice?

Explain the current situation of your company and what you need. We will call you and analyze your case to assess whether your company is at risk of regulatory non-compliance. Our services adapt to all company sizes.

What does our LOPD consulting service consist of?

Audit of your company’s characteristics

Personalized study of the types of data, systems, procedures and organization to determine the use, typology and scope of data processing what your company should do.

Execution of technical and organizational obligations

We propose solutions and take care of their implementation so that the company fulfill your obligations before the law: registration of treatment activities, review of clauses and contracts, review of procedures …

Assessment to determine if the figure of the DPO is necessary

Our legal compliance experts will determine if your company should designate a Data Protection Officer (DPO) . In that case, we will take care of all the administrative procedures before the AEPD.

Continuous support and annual compliance audit

You will always have your Edorteam consultant available for queries or to receive support in the event of a personal data breach. Our team will ensure that your company stays up to date over the years.

Includes LOPD Online management software

LOPD Online is a cloud management platform from where you will manage all the documentation regarding the protection of your company’s data:

Featured features

i

Manage the Security Document

~

Generate confidentiality agreements and other contracts

s

Quickly report about security issues

Z

Always keep the record of I / O media up to date

Advantages for your business

If you wish, we can carry out the service 100% online, with documentation always updated and available.

v

Direct communication with your Edorteam GDPR expert consultant

Regular audits and training by our specialists

R

The safety of being GDPR compliant

Differences between LOPD and GDPR

N

Organic Law on Data Protection (LOPD)

It is the law that regulates Personal Data Protection in Spain, and affects all companies, since to a greater or lesser extent, they all store personal information.

A company will face penalties from € 900 to € 600,000 in case of non-compliance.

N

General Data Protection Regulation (GDPR)

Normative european approved with the aim of unifying all its member states in matters of Data Protection.

Although our country has its own legislation (the LOPD), the GDPR should also be taken as a reference standard while a new LOPD that takes into consideration the GDPR is not approved.

If you want more information about GDPR, click on the following link.

Read more
Differences between LOPD and GDPR

In accordance with LOPD and GDPR, all companies must maintain basic procedures that ensure the protection of personal data contained in automated files , for example:

  • Data of your customers, employees and suppliers
  • Lists to carry out marketing campaigns
It continues to comply with the LOPD, also in the case of teleworking

It continues to comply with the LOPD, also in the case of teleworking

Did you know that in October 2020 the Royal Decree-Law on remote work (RD 28/2020)?

As a fundamental point, it is established that working from home the same protection measures must be applied of data and information security than in the office, under risk of breaking the LOPD. With cloud or remote desktop solutions, you have to avoid applications that do not offer guarantees and may give rise to the exposure of personal data of workers, clients and other private information.

With the advice of our legal consulting department, with more than 25 years of experience, we guarantee that your company will comply with the obligations established in the LOPD and GDPR. We adapt to the reality of your business.

Our clients say

Gracias a la consultoría en LOPD de Edorteam, hemos logrado cumplir con todas las normativas de protección de datos. Excelente asesoramiento y servicio.
La consultoría en LOPD de Edorteam nos ha brindado soluciones personalizadas y nos ha ayudado a proteger la información sensible de nuestra empresa. Muy recomendable.
Edorteam nos ha proporcionado una consultoría en LOPD integral y eficiente. Su equipo de expertos nos ha guiado en el proceso de cumplimiento y nos ha dado tranquilidad.
Maravilloso servicio, superó mis expectativas.
El equipo IT fue muy atento y resolvió todo rápidamente.
Increíble soporte técnico, siempre dispuestos a ayudar.

Gracias a la consultoría en LOPD de Edorteam, hemos logrado cumplir con todas las normativas de protección de datos. Excelente asesoramiento y servicio.

Ana Sánchez Directora de Recursos Humanos

La consultoría en LOPD de Edorteam nos ha brindado soluciones personalizadas y nos ha ayudado a proteger la información sensible de nuestra empresa. Muy recomendable.

Javier García Gerente de TI

Edorteam nos ha proporcionado una consultoría en LOPD integral y eficiente. Su equipo de expertos nos ha guiado en el proceso de cumplimiento y nos ha dado tranquilidad.

Marta Rodríguez Gerente Administrativa

Maravilloso servicio, superó mis expectativas.

Ana Gutiérrez Analista de Sistemas.

El equipo IT fue muy atento y resolvió todo rápidamente.

Luis Ramírez dministrador de Redes.

Increíble soporte técnico, siempre dispuestos a ayudar.

Laura Gómez

Frequently asked questions

What is LOPD consulting?

LOPD consulting refers to the services provided by data protection experts to help companies comply with the Organic Law on Data Protection (LOPD) and ensure the proper processing and security of personal data.

What does data protection consulting involve?

Data protection consulting involves specialized advice on privacy and personal data protection. Data protection consultants provide guidance and support to companies in the design and implementation of measures to ensure compliance with current regulations, such as the General Data Protection Regulation (GDPR).

What is the importance of hiring a data protection consultancy?

Hiring a data protection consultancy is crucial for companies, as it allows them to have the knowledge and experience necessary to comply with current regulations on privacy and data protection. In addition, it helps prevent possible sanctions and risks associated with the incorrect or inadequate processing of personal data.

What services does a data protection consultancy offer?

A data protection consultancy can offer a wide range of services, including:
• Analysis and evaluation of the company’s current situation in relation to data protection.
• Elaboration and adaptation of privacy and data protection policies.
• Advice on the management and fulfillment of the rights of interested parties.
• Conducting internal data protection audits.
• Training and qualification of personnel in data protection matters.
• Support in the management of security breaches and notification of incidents.
• Support in communication with the Spanish Data Protection Agency (AEPD) in case of inspections or requirements.

What is the difference between LOPD and GDPR?

The LOPD (Organic Law on Data Protection) is the Spanish regulation that regulates the processing of personal data in Spanish territory. For its part, the GDPR (General Data Protection Regulation) is a regulation of the European Union that establishes the rules for the processing of personal data in all member countries. Both regulations aim to guarantee the privacy and protection of personal data.

What is the new LOPD called?

The new LOPD is called Organic Law 3/2018, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD). This law, which was approved on December 5, 2018, is the update of the previous LOPD and adapts Spanish regulations to the General Data Protection Regulation (GDPR) of the European Union, also incorporating specific digital rights.

Where does the LOPD apply?

The LOPD, or more specifically the LOPDGDD, applies throughout the territory of Spain. It regulates the processing of personal data carried out by companies, organizations, public administrations, and any entity or person that manages data of Spanish citizens or people who are in Spain.

What does the LOPD and GDD regulate?

The LOPDGDD regulates the processing of personal data, guaranteeing the protection and control of these by citizens, and also establishes digital rights, such as disconnection from work and privacy on the internet, adapting the regulations to the new technological realities in Spain.

Data protection: why is it important?

Having a data protection company is essential for any business because privacy violations can have serious legal, financial, and reputational consequences.

Read article

Avoid these and other sanctions with a Compliance plan

A security breach in personal data stored, either involuntary or caused by one of your workers, will be a reason for harsh penalties to your company.

Having a Compliance program can avoid this.

Download e-book