Spain: AEPD fines Telefónica €30,000 for GDPR violation
The Spanish data protection authority ('AEPD') issued, on 18 March 2020, a resolution ('the Resolution') in proceeding PS/00351/2019, fining Telefónica Móviles España, S.A.U €30,000 for violations of Article 58(2) of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). In particular, the Resolution outlines that Telefonica had failed to respond and comply with resolution TD / 00127/2019 from the Director of the AEPD to send the claimant certification stating that it had responded to the claimant's right of access/erasure request or had denied the request providing reasons for such a refusal. In addition, the Resolution highlights that under Organic Law 3/2018, of 5 December 2018, on the Protection of Personal Data and Guarantee of Digital Rights, a violation of Article 58(2) of the GDPR is considered a serious infraction.
You can read the Resolution, only available in Spanish, here.