LEGAL: LOPD AND LISSEC

It's not the most entertaining aspect of an eCommerce. But perhaps the most important.

COMPLY WITH THE LAW
starz

Whether you do e-commerce, or perform other activity on the Internet, you must comply with the laws currently in force: the Law of Organic Data Protection (LOPD) and the Law of Information Society Services and Electronic Commerce (LISSEC ).

FreshCommerce as agency specializing in e-commerce performs all necessary steps for our clients to comply with current legislation.

Among them, we can highlight the following:

  • Registration with the Spanish Data Protection Agency.
  • We tailor web platforms for compliance.
  • Constant updates on changes in law.
  • Law of Information Society Services and Electronic Commerce (LISSEC)

Ley de Servicios de la Sociedad de Información (LSSI)

Does this law affect me?

Generally, any person or company that makes a lucrative economic activity or profits in any way by the Internet service provided.
We can list:

  • eCommerce.
  • Online recruitment.
  • Information & adverstising.
  • Intermediary services

What obligations do I have?

You must have available on your website the following information for your customers:

  • The various technical means that increase the levels of information security (anti-virus, anti-spyware, email filters).
  • Existing tools for filtering and restricting access to certain content and services.
  • The potential liabilities that may be incurred by users using the Internet for illegal purposes.

What sanctions could I get?

Above all economic. It depends on whether the infringement is considered mild, severe or very severe.

  • Minor offenses, a fine of up to 30.000 €.
  • Serious offenses, a fine of up to 30.001 to 150.000 €.
  • Very serious offenses, a fine of up to 150.001 to 600.000 €.

Organic Law on Data Protection (LOPD)

What should I do to comply with the LOPD?

Among many things, we can highlight the following:

  • Report to the General Data Protection Registry of the different files where data will be collected
  • Ensure that the data is suitable and truthful, lawfully obtained and processed lawfully and treated to the purpose for which they were collected
  • Ensure compliance with the duties of confidentiality and security.
  • Inform the holders of the collection of their personal data.
  • Obtain consent to the processing of personal data
  • Facilitate and ensure the exercise of the rights of opposition to treatment, access, correction and cancellation.
  • Ensure that there is compliance with the Data Protection Act in its relations with third parties that share access to personal data.

What sanctions could I get?

It depends on whether the infringement is considered mild, severe or very severe.
  • Minor offenses can vary between 601 and 60,101 euros. For example: not requesting registration of files.
  • Serious offenses are penalized with fines between 60,101 and 300,506 euros. Examples: create files that are unnecessary for the company, not sending the required notices or not respecting deadlines, or not caring about requirements.
  • Very serious offenses, punishable with up to 601,012 euros. For example: the systematic violation of obligations of file creation and notification.