We provide advice on contractual and regulatory issues related to intellectual property rights, information technologies,online marketing, ecommerce, data protection and, generally, Internet and consumer law. We have been involved in several administrative and court investigations for loss and unlawful access to data.


GDPR Compliance

We provide advisory services on GDPR adequacy. Among our clients are the largest Spanish franchise network of real estate services, a hotel and golf resort, a Swiss-Spanish company that provides 3D image services to the aesthetic surgery sector and a Swedish software company dedicated to vacation rental marketing.

Retainer by a leading global hygiene and health company

We provide on-going data protection under retainer to a Swedish multinational company, listed in Nasdaq Stockholm, with sales in approximately 150 countries. We also advise them on Spanish trademark and advertising matters.

Privacy and data protection due diligence within the e-payment industry

We have advised a US company in the privacy issues of a cross-border acquisition of one of its competitors within the payment services industry.

Connected Automobiles

We have participated in an intra-EU advisory programme for a German car manufacturer with respect to connected car services, particularly focused on telecoms and data protection regulations.

Video surveillance

Advice to multinational hotel chain regarding inquiry from Data Protection Agency on video surveillance system in Madrid flagship hotel.

Processing of health data for research purposes

We have advised a medical organization that intended to conduct research in the field of implant and refractive surgery and the study and practice of ophthalmology. We reviewed the legal framework for processing health data for research purposes in Spain, particularly the flexibility provided by the Spanish Data Protection Act to process health data for research purposes on legal basis other than express consent.

COVID Aid Programmes for Small- and Medium-Sized Companies

GDPR and Spanish Data Protection Act advice to a multinational online platform regarding relief aid packages for small- and medium-sized companies in the context of the COVID lockdown.

New Videoconference Service

Advice on Terms and Conditions and Privacy Notice of a new videoconference service deployed to address demand arising from the COVID lockdown.

Data Breach

Filing of a data breach notice with the Spanish Data Protection Agency on behalf of an international cruise ship operator. The initial filing was followed by three additional notices until the management of the breach was concluded.

Health Data

We have advised a CRO (contract research organization) on the new regime for the processing of health data applicable in Spain under the new 2018 Data Protection Act.

Retainer by a Large Courier Group

We provide on-going data protection advice under retainer to a large US-based multinational corporation dedicated to parcel delivery services.

PIA of large US software company

We have reviewed the privacy impact assessment (PIA) of a large US software company related to the management of an operating system.

Personal Data Transfers to the US

We have provided consultation on several occasions in connection with access of personal data of Spanish residents in the context of US court litigation and investigations by US regulatory bodies.

Internal Investigation

We provided a large US cosmetics group with advice they required on the privacy implications of the collection of personal data of their managers in the context of an internal investigation.

Car Financing Services

We have advised the consumer credit branch of a large Spanish commercial bank on certain data protection aspects of car financing services.

Whistleblowing Protocols

We have advised a Japanese biotech company regarding aspects of data protection connected to the implementation of a whistleblowing scheme.


We collaborate with different universities and institutions as professors of, amongst other, data protection courses.