We would like to place strictly necessary cookies and performance cookies on your computer to improve our website service.
To find out more about how we use cookies and how you can change your cookies settings, please read our  cookies statement.                
Otherwise, we'll assume you are OK to continue.   Please close this message

Spanish Data Protection Regulator and Cookies

31 December 2014

Following an investigation by the Spanish Data Protection Authority (AEPD) into complaints made against a publishing company Scriptorium Ediciones Limitadas, S.L., AEPD settled with the publisher in the form of a public resolution regarding the publisher’s failure to comply with the Spanish cookies law.

The publisher’s website was found to use a variety of cookies but not display an appropriate cookies statement in accordance with law 34/2002 of Information Society and Electronic Commerce Services Act (the Act).

Whilst the statement on the website did indicate that cookies were used to “improve a user’s browsing experience” there was no transparency about the other uses that cookies were being put to in terms of monitoring, tracking and analytics.

Whilst the publisher was found to be in breach of the law, no fine was issued by AEPD because of the publisher’s prompt collaboration with AEPD and its undertaking to implement appropriate changes to the website cookie statement.

Although Data Protection Regulators have been relatively slow to enforce the cookies law there is every need to ensure that websites contain transparent cookie notices and appropriate consent mechanisms otherwise personal data collected without compliance with the cookies law is processed unlawfully.

For further information please contact Robert Bond on 0207 427 6660 or robert.bond@crsblaw.com