Flag of ES

Privacy Regulations in Spain

3 privacy and data protection regulations that apply in Spain

All Regulations

Europe3

GDPR
EU + EEA
Flag of ATFlag of BEFlag of BG+27
Opt-inSupranational

The GDPR sets the global standard for data protection, requiring explicit opt-in consent before processing personal data of EU/EEA residents. For websites, non-essential cookies must be blocked until visitors actively consent. Pre-ticked boxes and implied consent are invalid.

ePrivacy Directive
EU + EEA
Flag of ATFlag of BEFlag of BG+27
Opt-inSupranational

Article 5(3) of the ePrivacy Directive is the primary EU legal basis requiring cookie consent. It mandates prior informed consent before storing or accessing any information on a user's device, with narrow exceptions only for transmission necessity and explicitly requested services.

LSSI
Spain
Flag of ES
Opt-in

Spain implements the ePrivacy Directive through Article 22 of the LSSI. Cookie violations are classified as slight offenses with EUR 30,000 fines per URL, but multiple URLs multiply penalties. AEPD allows consent-exempt analytics under privacy-friendly configurations, similar to CNIL.