Blog

When a company activates a Google Ads campaign, a possible strategy to gain visibility is to bid on keywords that match another company’s brand so that their ad appears when a user directly searches for a competitor. But is this legal, ethical, or advisable? Let’s analyze it! About Legality In Spain, the Trademark Law 17/2001 […]

The management of personal and non-personal data now spans all economic sectors: from automotive to digital health. In a scenario where every connected device generates valuable information, the EU has opted for a regulatory framework that guarantees transparency, fair access, and fair competition. In this context, a new Regulation came into force on September 12, […]

From September 1st, the Independent Whistleblower Protection Authority (AINPI) is operational. This institution responds to the mandate of Law 2/2023 —which adapts the Whistleblowing Directive—, consolidating the necessary framework to provide security to those who decide to speak up against irregular practices. The AINPI is established as a public body with full autonomy and independence, […]

The Data Protection Officer (DPO) is the professional responsible for ensuring compliance with data protection regulations within an organization. Among their duties, in addition to their advisory role, are the independent guidance to the company, supervision of internal processes and their alignment with the law, as well as acting as the direct link with the […]

In March 2021, the Spanish Data Protection Agency (AEPD) imposed a historic fine on Vodafone Spain of no less than €8.15 million. This amount was notable not only for its size but also for what it revealed: a series of serious failures in how they managed their users’ personal data, at a time when privacy […]

We already highlighted in our article about the benefits of conducting periodic data protection audits the importance of companies complying with their data protection obligations and we saw how, among other reasons, avoiding penalties is a key motive to stay updated and compliant with data protection regulations. In other words, companies in Spain are required […]

For some years now, the legislative power of the European Union has focused, among other areas, on developing and updating the regulatory framework for consumer protection, particularly in the digital environment. In this context, we find platforms such as Marketplaces, whose main characteristic is to unify products or services from different sellers or providers on […]

We live in an era where the technological world is growing at an exponential rate and information has become one of the most important assets in the market. Increasingly, the information collected by companies is greater (from their employees, customers, business contacts, newsletter subscribers, web users…) and, consequently, the importance of these entities complying with […]

We are not discovering anything new if we tell you that, nowadays and taking into account the omnipresence of technology, we are at a constant risk of being victims of a cyber-attack or that, simply because of an oversight, your company’s information can be lost or revealed to the wrong people (for example, if an […]

Before answering the question that interests you most and that gives the title to this post, we would like to give you an introduction by answering the following questions: What is the NIS2 Directive? The NIS2 Directive (Directive 2022/2055) is the update and extension of the NIS1 Directive and is a regulation that aims to […]

If you think that your company located outside the European Union is outside the scope of application of the General Data Protection Regulation (‘GDPR’), let us tell you that you may be wrong. With the entry into force, in 2018, of the GDPR, a very important novelty was introduced which consists of its extraterritorial application […]

If we ask about personal data and the importance of its protection, the answer we receive is most likely completely different today than it would have been five years ago. One of the reasons lies in the evolution of technology and the growing risks associated with the misuse of personal data (the commission of cybercrime, […]

The digitalisation of all aspects of our lives is an undeniable fact: when we need to obtain information about any situation, the first thing we do is go to online search engines that will give us an immediate response, when we want to contact someone, we do not hesitate to send them a message by […]

Decision-making and profiling are processes closely linked to artificial intelligence systems, as they are the ones that support their achievement. In this sense, the use of these systems for decision-making and profiling when they involve the processing of personal data often raises many doubts as to how to apply data protection regulations. In this article […]

How did it come about? We give you some background with some relevant dates and facts and, in addition, at the end we make an update after knowing the Opinion that the European Data Protection Committee (ECDC) has published (April 2024). In January 2023, the European Data Protection Committee fines Meta 390 million euros for […]

The importance of privacy has been elevated to a priority level for both businesses and users in the digital age. Recognising the fundamental value of personal data and the need to safeguard your privacy, the European Union decided to create the General Data Protection Regulation (GDPR), designed to establish a common framework for data protection. […]

Here you will find some basic and essential rules so that you can advertise by email in compliance with the applicable regulations. We will comply with both Law 34/2002, of 11 July, on information society services and electronic commerce, and Organic Law 3/2018, of 5 December, on Personal Data Protection and guarantee of digital rights. […]

It is well known that the Internet is the information source par excellence, where large amounts of information on many different topics can be found. This is especially relevant in the field of generative artificial intelligence (AI), which has been booming in recent times, as it requires large datasets for training and continuous improvement. In […]

Last Thursday, February 8th, we participated in the Sphinx Research Day, the event organised by Sphinx that redefines the future of market research. A very complete day with different presentations by experts in the field of research and customer experience, in which we were invited to collaborate through a talk on data protection. The talk […]

What is a bad leaver? How do venture debt funds work? What is an anti-dilution clause? Many times doubts arise about the terms used in the day-to-day running of a start-up or about topics related to financing that may be of interest to us. That is why Metricson has prepared this document with the most […]

On 11 January, the French data protection authority (CNIL) published a resolution sanctioning a company for various breaches of the GDPR (Data Protection Regulation). Among the infringements considered, and the one we are analysing, is the installation of Google Analytics cookies without the consent of users. In the aforementioned ruling, the CNIL states that whatever […]

What is consuming? According to the Royal Spanish Academy, to consume is ‘to use foodstuffs or other goods to satisfy needs or desires’. The ‘desires’ part is important to understand the world in which we live insofar as, nowadays, citizens in countries with a certain industrial and economic development no longer consume strictly out of […]

Before answering the main question, we have to remember that a time and attendance system using facial or fingerprint recognition will involve the processing of special category personal data, as biometric data is involved. Recently, the Spanish Data Protection Agency (AEPD) has condemned a company that used a facial recognition system to monitor workers’ working […]

On 30 June, the new article 66 of the Telecommunications Law came into force. This article deals with the “right to the protection of personal data and privacy in relation to unsolicited communications, traffic and location data and subscriber directories” and specifically, in its paragraph one letter b) the right not to receive unwanted calls. […]