Peraza Consultores ®
  • DeutschEspañolFrançaisItalianoPortuguesрусский
  1. Peraza Consultores ®
  2. News

IMPORTANT: NOTICE ON ACCESS CONTROL AND WORKING DAY RECORD BASED ON FINGERPRINT DATA COLLECTION OR FACIAL RECOGNITION

The Spanish Data Protection Agency has published a new Guide on presence control treatments using biometric systems in which it sets the criteria for the use of time records and access control based on fingerprint and facial recognition . This guide is decisive given that it clearly indicates the guidelines that it considers legal to be able to implement these systems, and that, therefore, if they are not complied with , said systems would not be covered by the regulations and, therefore, their use would be punishable : If time registration or access control is done through fingerprint,...

Report 2022 of the Spanish Agency for Data Protection: the largest number of claims in its history

Participation of the AEPD to analyze the situation of data protection delegates

The initiative is launched within the framework of the EDPB to assess the situation of DPOs in their organizations, analyzing the practices of more than 30,000 public and private sector entities

The Spanish Data Protection Agency (AEPD) participates in a coordinated European action to analyze the designation and situation of data protection delegates (DPD) in public and private entities, within the framework of coordinated actions of the European Committee for the Protection of Data Data (EDPB) expected in 2023 . The objective of this preventive action is to assess whether the situation of DPOs in their organizations conforms to what is required in the General Data Protection Regulation. For its part, the AEPD will analyze the practices of more than 30,000 public and private...

New services for companies

At Peraza Consultores we have always wanted to offer the best service to our clients. That is why, after the latest reforms, entry into force and upcoming obligations for companies in labor matters, we have created new services that we understand are of great value to our clients. Thus, we expanded our range of services to guarantee greater legal control for both our clients and the clients of our consultancies. Therefore, if you are an SME, business group, self-employed person or large company , we analyze your needs in terms of data protection , equality , harassment prevention...

Collaboration agreement between FEDETAX, Peraza Consultores and I+D Abogados

On October 6, 2022, the collaboration agreement was signed between the parties whose main objective is to offer data protection services, implementation of the harassment protocol and remuneration registration, for member entities of FEDETAX . The entities and users that are beneficiaries of this agreement will be the associations, cooperatives and member entities of FEDETAX , as well as the holders of taxi licenses attached to the federation and other collaborating entities such as fleet management companies. Likewise, the services that will be provided are: DATA PROTECTION Record...

January 28: International Data Protection Day

As every January 28 and on the occasion of International Data Protection Day , the Spanish Agency for Data Protection has published, together with the Ministry of Consumer Affairs, a campaign to raise awareness about identity theft on social networks. The youngest are the most vulnerable when it comes to suffering this type of act. That is why, from Peraza Consultores we want to influence once again the importance of a good technological education for the youngest population. Let them understand that social networks are a communication tool, but that it also means knowing how to use them...

Collaboration with CanariasAhora

Last December, we collaborated with Canarias Ahora in the publication of an article on video surveillance in the public sector . On this issue, we must be clear about some aspects related to video surveillance in public spaces: 1. The installation of cameras on public roads can only be carried out by State Security Forces and Bodies and/or Local Corporations. 2. For the installation, it is necessary to write a report by local corporations, or other public institutions, indicating, among other issues: the need and purpose of applying this measure. The capture area and recording period...

Peraza Consultores, a company adhered to the #PactoDigitalAEPD

From our firm, we have always understood that good privacy and security management begins with a good training phase . At the beginning of our trajectory, we began making practical guides to deliver to our clients, where we informed about different protocols and good practices to follow for proper information governance. That is why, when the AEPD took the initiative of its Digital Pact , we understood that it was our job as a company dedicated to this sector, to contribute our grain of sand and disseminate the educational content that the agency itself made available to all interested...

No! Can! Come on!

When we are going to start a new project, there are many who ask us what this "LOPD-data protection" consists of. Many have even asked us if our job is to "guard your data so that they are more secure." No, we do not guard anything. But your company can do it . As easy as starting to implement security measures on your computer equipment, hard drives, flash drives, laptops, tablets, mobile phones, shelves, general filing cabinets, offices... And it is that as we indicate to clients, we can say that the data protection regulations have four legs :   Documentary , which includes...

The thing goes about protocols

I did not know that, where is it written?   I do my job that way because I've always done it that way.   They have not told me that.   When we come to a company to carry out a new data protection project, we find in most cases that each department is watertight , communication often does not flow between them and, as far as we are concerned, Regarding the processing of personal data, the same procedures are not carried out in a homogenized manner . One of the keys to success in the implementation of this type of project is to determine (and apply) a series of...

I don't get into "the cloud"

In recent years, people have heard more often about "the cloud": that kind of entity that knows everything that guards . There are many who are reluctant to use this system because they say they do not feel safe, they mistrust, they lose control over their data …. But then they use an email like Gmail, Hotmail, etc. Gentlemen, ladies, the servers that are used to store our emails, where we put personal data, attached documents and all the things that we know we send by mail, are not managed by us, they are managed by Mr. Google and Mr. Micfosoft ( among others) . When using data...

SuperDPO

Data protection professionals are in luck: we have seen the birth of our new messiah, the European Regulation 2016/679 on Data Protection (RGPD for friends). Far from covering in this post the novelties that this new regulation brings (which are not few...), we will focus on bringing you closer to a figure that we will soon all hear about in the business world, and that is developed in the aforementioned regulations: Data Protection Officer. What is it, who is it, what does it do, why… The Data Protection Officer, DPO or Delegate of Data Protection , is defined in the GDPR as...

The implementation of the LOPD: hard work, ladies and gentlemen. Part II

The other day, sitting on a terrace, a friend asked me what was that about cookies . In an attempt to clarify his doubts, what I achieved was to create more confusion for him: - But I do not understand. If I have a website and I don't know anything about computing, or programming, or anything, how will I know which cookies are installed, their duration, their manager, their purpose and stuff? And it is that, if one thing is true, the LOPD (and the LSSICE, in the case of cookies) is not easy to apply . Diagram example of a person responsible for the standard file in relation to the...

The implementation of the LOPD: hard work, ladies and gentlemen. Part I

Definitely, talking about a 100% implementation in accordance with data protection regulations is by no means an easy task. If we outsource this service, the task of the adviser should be , in addition to recognizing and solving possible problems that may be found, that of motivating, training, explaining (and in some cases imposing) the personnel, managers and senior positions, the concepts Basic information that will help to implement the security measures aimed at guaranteeing a correct adaptation to the regulations. Much is said about involvement , but it must not be forgotten that...

If my company is not on the Internet... does it not exist?

We live in the digital age, with just one click we have all the information we want (and need). The Internet is a great showcase for our products, services and business ideas . And a quick and easy way to find what we are looking for. Does that mean that if my company is not on the Internet, it does not exist? Well, for your regular and regular customers, yes, but for potential customers... I highly doubt it . A good website has to have (if web developers allow me) four essential blocks: Programming Design Content Legal aspects Have you checked your website lately to see if...

Summer Reading: Battery of Privacy Articles

To you user, we know that you care about your personal data, that you want to know what companies do with them and to whom they give them... To you user, we know that even in summer you like to keep up with the news... To you user, we know that you are looking for interesting readings to spend time on the beach... We propose a series of articles that we know you may be interested in: Implications of Brexit in terms of data protection Source: expansion.com Interview with Solana Larsen, digital rights activist: "Facebook violates our privacy in ways we don't even understand" ...

Phishing: What is it and what does it consist of?

The technique known as phishing consists of sending an electronic communication to a user, pretending to be an entity (generally known and commonly used among users), in which it asks for certain private information, either by sending an email, downloading a file or through a link to a website. Generally, phishing is usually thought of by email, but it can also occur through sms, mms, or even WhatsApp or social networks. Keep these indications in mind to be able to detect that you are facing a phishing scam: The content of the email: Technical problems. Recent fraud detections...

Beware of the Endesa electronic invoice scam

It is a Ransomware Locky-type computer virus, whose purpose is to block the computer's files in order to later request a financial ransom to unlock them.

The company warns that invoices are being sent on behalf of Endesa, the content of which is a Ransomware Locky-type computer virus, the purpose of which is to block the computer's files in order to subsequently request an economic ransom for their unlocking. We remind users to NEVER give their personal data, passwords, click on links or download content from emails for which they do not know the addressee or it is not a common practice with said company. Here are some guidelines to follow to avoid falling into this type of fraud: Never open email attachments from unknown senders . Be...