Noyb (None of Your Business), the data protection organization founded by Max Schrems, has filed complaints regarding six major Chinese companies, namely, TikTok, AliExpress, SHEIN, Temu, WeChat and Xiaomi before the data protection authorities of Italy, Greece, Belgium, the Netherlands and Austria. Mirroring the complaints filed some years ago regarding data transfers to the US, […]
Dr. Veronica Miño
Posts by Dr. Veronica Miño:

News from the UK: The ICO’s Online Tracking Strategy 2025
The UK data protection authority, Information Commissioner’s Officer (ICO), has recently published news regarding their online tracking strategy for 2025. Recognizing that “being tracked online is part of daily life for most people”, in 2024 the ICO implemented a number of initiatives to enhance people’s control over how they are tracked. Among such initiatives, the […]

Legislation on Web Accessibility in Spain
The Spanish legislation contemplates the need to guarantee the rights of people with disabilities since the Spanish Constitution of 1978. In the framework of information technologies, the „Law 51/2003, of 2 December, on equal opportunities, non-discrimination and universal accessibility for people with disabilities“, now repealed, established a period of two years to approve the basic […]

Chile Aprueba Nueva Ley de Protección de Datos
La nueva ley de protección de datos personales, Ley 21.719 se publicó hoy, 13 de diciembre de 2024 en el diario oficial de la República de Chile. La nueva ley entrará en vigor 24 meses después de su publicación esto es, en Diciembre de 2026. De acuerdo con el portal de internet del gobierno de […]

Chile Approves New Data Protection Law
The new personal data protection law, Law 21.719 was published on December 13, 2024 in the official gazette of the Republic of Chile. The new law will enter into force 24 months after its publication, namely, in December 2026. According to the Chilean government’s website, the new law brings the Chilean standard of personal data […]
EDPB publishes opinion on the “Code of Conduct for Service Providers in Clinical Research” submitted by EUCROF
According to Art. 40 GDPR, associations and other bodies representing categories of controllers or processors are encouraged to prepare codes of conduct, or amend or extend such codes, for the purpose of contributing to the proper application of the GDPR in specific sectors. When such codes of conduct – or amendments to existing ones – […]
Resolution from the DSK regarding the secondary use of genetic data
Before we delve into the position paper of the Conference of Independent Federal and State Data Protection Supervisory Authorities (DSK), it is important to discuss the exceptional nature of genetic data. Genetic data, defined in Art. 4 (13) GDPR and in Recital 34 GDPR, was included within the special categories of data by the GDPR, […]
The Washington My Health My Data Act enters into force
The Washington My Health My Data Act (henceforth the “MHMDA”) passed the Washington State Legislature on April 17, 2023, and was signed into law on April 27, 2023. The Act includes effective dates on a section-by-section basis with regulated entities being bound to comply with its obligations and prohibitions beginning 31 March 2024. Small businesses […]
What does the Data Privacy Framework Self-Certification mean for your company?
Let’s take a closer look at what the decision to self-certify under the DPF means for your company. In terms of costs, other then the applicable fees, you need to consider administrative and organizational costs aimed at ensuring accountability while implementing mechanisms to allow data subjects the exercise of their rights. We are providing you […]
Does your Company Need a Data Privacy Framework Certification?
Well, it depends. Let me begin by providing an overview of the Data Privacy Framework as adopted on July 11th 2023 and follow by providing my opinion on whether and for which companies a certification under the new framework would add value. The EU-US Data Privacy Framework in the Big Picture of the Adequacy Decisions […]
ChatGPT temporarily banned by the Italian Garante
Following a data breach reported on March 20th by OpenAI, the US company that develops and manages the ChapGPT platform, the Italian Garante decided on Thursday March 31st to temporarily limit the processing of Italian users’ personal data by the platform. As a result of the Garante’s decision, the company has blocked ChatGPT in Italy […]
La Agencia Española de Protección de Datos multa a “La Liga” con 250.000 Euros
La Asociación Española de Clubes de Fútbol, “La Liga” ha sido la primera organización en recibir una multa ejemplar por incumplimiento del Reglamento General de Protección de Datos (RGPD) en España. La aplicación móvil sujeto de la denuncia y posterior multa, utilizaba el micrófono de los usuarios y su localización por GPS con el fin […]
The Spanish Data Protection Agency fined „La Liga“ with 250,000 Euros
The Spanish Association of Football Clubs, „La Liga“ has been the first organization to receive an exemplary fine for non-compliance with the General Data Protection Regulation (GDPR) in Spain. The mobile application, subject to the complaint and subsequent fine, used the users‘ microphones and their GPS location in order to capture illegal transmissions of football […]
España: Aprobada la Ley Orgánica 3/2018, de 5 de diciembre, de Protección de Datos Personales y garantía de los derechos digitales.
Con un apoyo parlamentario del 93% la nueva Ley entrará en vigor al día siguiente de su publicación en el Boletín Oficial del Estado. La nueva Ley adapta el derecho español al Reglamento General de Protección de Datos (RGPD) e introduce novedades mediante el desarrollo de materias contenidas en tal reglamento. Las más importantes de […]
Spain: The Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights has been approved.
With 93% parliamentary support, the new Law will enter into force the day after its publication in the Official State Gazette (Boletín Oficial del Estado BOE). The new Law adapts Spanish law to the General Data Protection Regulation (GDPR) and introduces novelties through the development of certain matters contained in the GDPR. The following are […]