On May 24, 2021, the Spanish data protection authority (‘AEPD’) published an updated guide on notifying personal data breaches.
The guidance aims to assist organisations responsible for processing personal data with the obligation to notify data breaches to the AEPD and to the individuals whose data has been affected.
The guide focuses on the cases in which the gap has or may have an impact on the GDPR, that is, in those cases in which the breach of personal data may affect the fundamental rights and freedoms of individuals.
The Guide also highlights the specific issues of the notification of personal data breaches in accordance with the General Telecommunications Law.
Read the Guidance HERE