Pérez-Llorca and Endeavor España held a debate session on the upcoming changes to the data protection regulation and how they affect companies in the Spanish entrepreneurial sector.
On 25 May 2018 and following a two-year grace period, the new Data Protection Regulation 2016/679 of the European Parliament and of the Council (RGPD), which was approved on 27 April 2016, will become binding in Spain. In just four months, this regulatory change will have a direct impact on the day-to-day running of the Spanish business world.
The regulation covers the protection and free movement of data, and affects all companies as regards the handling and management of the data they collect or already hold on their users.
Any company that operates in Spain must comply with the regulation, which is a revolutionary change to the requirements that companies must satisfy to ensure the protection of users’ personal data, which is a fundamental right in Europe.
In the case of Spain, the new regulation repeals Directive 95/46/EC and amends the national Data Protection Law.
Pedro Fernández, Partner of the Corporate practice at Pérez-Llorca and a mentor at Endeavor Spain, opened the event. “Sessions like these are necessary because the implementation of the new Data Protection Regulation is imminent, and companies must be aware that its implementation is not optional and, in many cases, complex,” said Fernández.
Adrián García-Aranyos, Managing Director of Endeavor Spain, was next to speak. “In a world where data is critical to any company, it is important for Endeavor to promote these types of discussions with partners of Pérez-Llorca’s caliber. The expert knowledge of their team is key to helping all Endeavor entrepreneurs and others in the sector that are facing this problem,” explained García-Aranyos.
Lastly, Natalia Martos, Counsel of Data Privacy, IP/IT and Digital Business at Pérez-Llorca, explained the forthcoming regulatory changes in detail. Martos emphasised that this new Regulation “applies to all companies, regardless of where they are located, whether they provide goods or services to European citizens or profile them. This change enables European companies to compete on a level playing field with companies from other countries in the development of data-driven businesses.” In conclusion, Martos explained that “it is important to change the perception of adapting to the new regulation and instead view it as an investment. Companies who design their technology and business models with privacy in mind will be able to continue to develop these business models completely normally. Being ‘Pro Privacy’ and gaining the user’s trust will lead to greater business growth.”
After hearing from the speakers, the audience were able to raise their concerns directly with the experts during an interesting round of questions. Some of the topics that generated the most conversation were the role of “data protection officer” (DPO), collecting data on children under the age of 13 and the penalties for breaching the law. Among those who contributed to the conversation with their questions were several members of the Endeavor entrepreneur network such as Adglow, Smartick, Alto Data Analytics and Glamping Hub.