Penalties for data protection breaches increase

Featured News


The protection of personal data is becoming increasingly complex, especially since the approval of the General Data Protection Regulation (GDPR) in force since May 2018, in addition to the approval of the new Law on Data Protection and Guarantee of Digital Rights in December of the same year, the already existing Law on the Information Society and Electronic Commerce, and the European regulation project regarding the use of cookies.

Since 2018, the increase in the difficulty of processing personal data derived from new national and European legislations has led to an increase in sanctions for breach of data protection in Europe, particularly in Spain. The Spanish Data Protection Agency (AEPD) has intervened over 295 times, each with a corresponding sanction, making it one of the most active data protection agencies in the European Union.

According to data published on the agency’s own website, it is estimated that the AEPD has collected approximately 23,462,000 euros in the first eight months of 2021. The penalties

Imposed on Spanish businesses have affected all types of businesses, without size distinction, due to infringements ranging from non-notified data breaches to emails without a hidden copy. This is in part because, as a result of remote working, all companies have been forced to adapt their operations systems to this new reality but they have failed to adequately update established policies and procedures.

Internationally, a few countries are joining the implementation and/or updating of data protection laws. Among them are China, which has already passed its data protection law (Personal Data Protection Law -PIPL-), and Singapore, which has updated its Personal Data Protection Act (PDPA).

At UHY Fay & Co we have a team specialized in helping companies comply with the different regulations regarding the protection of personal data to reduce the chances of non-compliance with the different regulations. If your company has not yet managed to properly renew its data protection strategy, we will be happy to assist you.

Related Services


UHY Fay & Co and Cointegra merge

UHY Fay & Co and Cointegra merge to promote the growth of sustainability services in Spain and position the new brand among the leading firms in sustainability The brand under which these services will be…

Spain is not tax friendly

  The corporate tax in Spain, above the European average, calls into question the competitiveness of our country compared to others that are more attractive from a tax point of view. Spain’s corporate tax rate…

Post-pandemic telework agreement

  With the end of the sanitary containment measures for Covid, as of April 19, the exceptional remote work ends without the need to subscribe the written agreement and comply with the regulations established for…

Spain, a destination for digital nomads

  There are many countries that, after the Pandemic, found out opportunities to attract talent and, consequently, new taxpayers. In this race to attract digital talent, Spain is well placed, among other reasons, because of…