Blog

We are not discovering anything new if we tell you that, nowadays and taking into account the omnipresence of technology, we are at a constant risk of being victims of a cyber-attack or that, simply because of an oversight, your company’s information can be lost or revealed to the wrong people (for example, if an […]

Before answering the question that interests you most and that gives the title to this post, we would like to give you an introduction by answering the following questions: What is the NIS2 Directive? The NIS2 Directive (Directive 2022/2055) is the update and extension of the NIS1 Directive and is a regulation that aims to […]

If you think that your company located outside the European Union is outside the scope of application of the General Data Protection Regulation (‘GDPR’), let us tell you that you may be wrong. With the entry into force, in 2018, of the GDPR, a very important novelty was introduced which consists of its extraterritorial application […]

If we ask about personal data and the importance of its protection, the answer we receive is most likely completely different today than it would have been five years ago. One of the reasons lies in the evolution of technology and the growing risks associated with the misuse of personal data (the commission of cybercrime, […]

The digitalisation of all aspects of our lives is an undeniable fact: when we need to obtain information about any situation, the first thing we do is go to online search engines that will give us an immediate response, when we want to contact someone, we do not hesitate to send them a message by […]

Decision-making and profiling are processes closely linked to artificial intelligence systems, as they are the ones that support their achievement. In this sense, the use of these systems for decision-making and profiling when they involve the processing of personal data often raises many doubts as to how to apply data protection regulations. In this article […]

How did it come about? We give you some background with some relevant dates and facts and, in addition, at the end we make an update after knowing the Opinion that the European Data Protection Committee (ECDC) has published (April 2024). In January 2023, the European Data Protection Committee fines Meta 390 million euros for […]

The importance of privacy has been elevated to a priority level for both businesses and users in the digital age. Recognising the fundamental value of personal data and the need to safeguard your privacy, the European Union decided to create the General Data Protection Regulation (GDPR), designed to establish a common framework for data protection. […]

Here you will find some basic and essential rules so that you can advertise by email in compliance with the applicable regulations. We will comply with both Law 34/2002, of 11 July, on information society services and electronic commerce, and Organic Law 3/2018, of 5 December, on Personal Data Protection and guarantee of digital rights. […]

It is well known that the Internet is the information source par excellence, where large amounts of information on many different topics can be found. This is especially relevant in the field of generative artificial intelligence (AI), which has been booming in recent times, as it requires large datasets for training and continuous improvement. In […]

Last Thursday, February 8th, we participated in the Sphinx Research Day, the event organised by Sphinx that redefines the future of market research. A very complete day with different presentations by experts in the field of research and customer experience, in which we were invited to collaborate through a talk on data protection. The talk […]

What is a bad leaver? How do venture debt funds work? What is an anti-dilution clause? Many times doubts arise about the terms used in the day-to-day running of a start-up or about topics related to financing that may be of interest to us. That is why Metricson has prepared this document with the most […]

On 11 January, the French data protection authority (CNIL) published a resolution sanctioning a company for various breaches of the GDPR (Data Protection Regulation). Among the infringements considered, and the one we are analysing, is the installation of Google Analytics cookies without the consent of users. In the aforementioned ruling, the CNIL states that whatever […]

What is consuming? According to the Royal Spanish Academy, to consume is ‘to use foodstuffs or other goods to satisfy needs or desires’. The ‘desires’ part is important to understand the world in which we live insofar as, nowadays, citizens in countries with a certain industrial and economic development no longer consume strictly out of […]

Before answering the main question, we have to remember that a time and attendance system using facial or fingerprint recognition will involve the processing of special category personal data, as biometric data is involved. Recently, the Spanish Data Protection Agency (AEPD) has condemned a company that used a facial recognition system to monitor workers’ working […]

On 30 June, the new article 66 of the Telecommunications Law came into force. This article deals with the “right to the protection of personal data and privacy in relation to unsolicited communications, traffic and location data and subscriber directories” and specifically, in its paragraph one letter b) the right not to receive unwanted calls. […]

The EU has passed legislation that aims to (1) create a safer digital space for users and (2) create a more level playing field for businesses, namely the Digital Services Act (DSA) and the Digital Markets Act (DMA). How do the DSA and DMA apply? These rules apply to digital services. Digital services can include […]

The Data Protection Agency will subject 30,000 DPOs of public and private entities to ‘examination’. DPOs to be examined A few weeks ago the Spanish Data Protection Agency (AEPD) announced that, as part of an action coordinated at EU level by the European Data Protection Board (EDPB), it will examine and analyse 30,000 data protection […]

The AEPD announced[1] this March its participation in an action with other European data protection agencies that will be focused on assessing whether organisations in various sectors of activity comply with the requirements established by the European General Data Protection Regulation, the GDPR, for the appointment of Data Protection Officers. What are the requirements to […]

How to use WhatsApp in my company in compliance with data protection regulations? WhatsApp is the instant messaging application par excellence, with more than 35 million users in Spain and more than 2 million active users worldwide at the beginning of this year. Therefore, it should come as no surprise that it has become the […]