Has the data privacy authority issued any guidance on data privacy compliance in the context of transactional activity (including, but not limited to, share sales, asset sales, reorganizations or spinouts)?
Last reviewed: January 2025
☒ No
The Spanish applicable personal data protection legislation already some provisions in relation to the data protection and sharing of personal data in the context of transaction processes.
In the context of an asset sale (the sale of a separate business unit as a going concern), does the acquiring entity inherit liability for pre-acquisition data privacy or cybersecurity breaches (connected with the assets that are the subject of the asset sale)?
Last reviewed: January 2025
☒ It depends (for example, on the way the asset sale is structured, and/or the assets being acquired)