With entry into force of the Organic Data Protection Act, Act No. 15/1999 of 13 December 1999 (“the LOPD” according to its Spanish abbreviation), it became mandatory for companies, associations, and professionals to bring their data files into compliance with the requirements laid down in that Act to ensure the fundamental right to protection of all personal data relating to personal and family honour, dignity, and privacy. This right is enshrined both in Spain’s own Constitution and in European Union law.

ELZABURU, with its IP expertise, can furnish legal advice with a view both to defending one’s rights against unlawful use of one’s personal data by third parties and to helping businesses comply with legislation regulating the three levels of data protection, basic, medium, and high, depending on the nature of the data concerned.


Drafting the terms and conditions of personal data processing service agreements.

Ensuring compliance with data protection regulations at all levels, general and sector-specific, local and Community-wide.

Designing strategies for compliance with the new EU Data Protection Regulation.

Drawing up security guidelines and privacy policies for public and private organizations.

Impact studies.

Providing legal defense in enforcement actions by the Spanish Data Protection Agency.

Data protection and security audits.

In-house training programmes for managers and staff of data protection and compliance departments.

Data Protection Officer services.

Managing cross-border data transfers and BCRs.

Designing, implementing, and supervising accountability, Privacy by Design and by Default.