Your Web site complies with the laws?

Your Web site complies with the laws?

Many of us have a blog, portfolio, a website to offer our services or e-commerce, but do you know if your Web site meets the laws?

I think most do not, and is important because we face fines ranging from 601,01 euros (minor fines) to fines of 601,012.10 euros (very severe fines).

As you see it is no small feat, so in this study graphic design in Barcelona have to advise! thanks to lawyer and co-ForoBlackHat, as it not only affects ourselves, but also our customers may suffer the legal consequences.

These are the requirements that you must meet:

The Law Society Services Information and Electronic Commerce (LSSI)

Law 34/2002, of July 11, Services Information Society and Electronic Commerce (LSSI) 2, this law is applicable to all those websites, blogs, e-commerce ……

2 https://www.boe.es/buscar/act.php?id=BOE-A-2002-13758

In which there is an economic activity on that site, that is, it is getting an economic return in some way through this web, no matter the amount of money we’re talking, at the moment when a performance is obtained economic directly or indirectly, that website is obliged to comply with the requirements established in this law.

In short, this law is considered to apply to all those who are providers of a service, both individuals and legal entities, in exchange for remuneration or in the exercise of their economic activity, which can be electronic or not via, to request of a recipient of that service.
And the next question would be: What do you understand this law by “service”? To do this we go to the annex to the law itself, which tells us that service means:
1. The procurement of goods or services electronically.
2. The organization and management of auctions by electronic or virtual shopping malls and markets media.
3. Purchasing management in the network by groups of people.
4. The sending commercial communications.
5. The provision of information electronically.

So, once the subjects are bound to legal obligations established in the Act, and essentially we Article 10 establishes a number of basic obligations we have to offer on our website identified:
Name of individual or company name: That is on page legal notice, we must provide data natural or legal person who is behind the web.
Contact: Although a link is in the contact page and the footer have left another in the menu on the web, it is necessary that page legal notice home is found, the email address, a telephone number contact or any other information to provide the user the ability to contact the service provider, this can be realized Skype, Whatsapp, etc …
C.I.F or N.I.F .: So, in the case of a legal person you must provide the C.I.F and data registration of the company in the Commercial Register, however, if you are an individual, you have to provide your NIF or DNI
In the case of an e-commerce will also need to add, either on the page for product information or on the cart page, the price of the products, shipping costs, taxes and any other information that is of interest depending on the region.
collegial Services: In those cases in which to provide a service, you need to be registered at a school, see Bar, architects, doctors … It is also necessary that the number of referee is included in the section legal notice as well as a link to see that number or data referee gives the corresponding College.
If the activity that you are developing, requires some administrative authorization will also be required stating that authorization and the body that has been granted.
And regarding the information to be offered in the section “Legal Notice”  <aquí>  tienes un buen ejemplo.

I understand that at this point, you are upset or concerned about the amount of personal data that you have to offer, so my recommendation is that the page “Legal Notice” will sconces labeled “noindex” and thus, this website personal data will not show up in the SERPs of Google.
So far, we have been talking about the basic requirements that gives us this nice law, but I would like to discuss other requirements, some more specific than obliges us to this law in the case of services that require hiring over the Internet, any type of sale (e-commerce) sales service etc …. these being the following:
• Before the user clicks the “Buy” or “Pay Now” button is mandatory that he has shown all the information about the product or service you will hire a clear, simple, permanent and free.
• In addition, there will be warned if the contract will be archived electronically and from which you can access.
• Once the user has purchased the product, it is mandatory to communicate the purchase confirmation within a maximum period of 24 hours.
There are many more requirements established by this law, then we’ll talk about one that has given many headaches, but mainly with generic, these would be the basic requirements and if you meet, it is very likely not you face any sanctions.

A brief summary

The Organic Law on Data Protection (LOPD)

Another law we have to keep in mind when creating a web site and their respective sections, I’m sure you’ll get a surprise with the things you’ll have to do or change.
The Organic Law on Data Protection 5/19993 of 13 December, and the implementing regulation, Royal Decree 1720/20074 of 21 December, is where the different duties collected has a web when it comes to respect the protection of personal data of its users.

3 https://www.boe.es/buscar/doc.php?id=BOE-A-1999-23750

4 https://www.boe.es/buscar/doc.php?id=BOE-A-2008-979

This law tells us, from the outset, that links to the page privacy policy and legal notice (which may be the same page) must always be visible from any section.
When collecting any personal data on the website, it is necessary that a section in which the user accepts the privacy policy before entering the information requested on the form is established.
On that last point, we must clarify two things:
1. What is meant by personal data ?: The Data Protection Act says that personal data is any information to recognize an identified or identifiable person, so within these types of data that can recognize a person would: name, mail, IP address, marital status …
If at any time, although you are picking only be a fact of this style on your website, you need to register the file in the Spanish Data Protection Agency.
2. What kind of forms or fields would display this notice? Simply those that any personal data is collected, that is, not only in the form at the contact section, but it would also be necessary to place it on the form located in the comments area, newsletter, registration a new user, etc.

In the case of contact pages, as you can see at the end of the form, a required field in which the user pressed, accepts the privacy policy appears:

legalidad-en-la-web

And the same should happen in the comments section when a user is about to leave a comment:

estudio-de-diseño-barcelona

* If you subscribe to a newsletter, it would be necessary to enter the box accepting the “Privacy Policy” as long as you use double opt-in system, that is, at first the person who is interested in receiving information, enter your email in the field to sign up for your newsletter and then you get an email to your inbox where, besides confirming the identity of the person concerned, is also informed that performing such an act, is accepting privacy policy on your website.

Enlist the file in the AEPD

We have already discussed the cases where it is required the consent solicitation or acceptance by the user on the cessation of the personal data that are required in each case, so that once we are clear in that paragraph will request such data it is necessary to register the file in the Spanish data Protection Agency Why? Because the personal data you collect on your site about users, such personal data are still owned by users, so in order to perform the different rights acceso5, rectificación6 or cancellation7, there needs to be a file and that the file meets the minimum established by the LOPD.
Who are required to discharge this file? In addition to those persons who are established in Spanish territory when situated on Spanish territory and to those persons not established in Spanish territory, using means located on Spanish territory, such as the hosting are addressed.

5 Art. 15 de la LOPD

6 Art. 16 de la LOPD

7 Art. 17 de la LOPD

By fichero8, it means any format in an orderly fashion collect personal data such as Excel can be, as the section for your WordPress database where comments are collected.
To register the file in the AEPD, follow this link:
https://www.agpd.es/portalwebAGPD/canalresponsable/inscripcion_ficheros/Notificaciones_tele/obtencion_formulario/index-ides-idphp.php

8 Art. 3.b de la LOPD

So to avoid having to pay a single euro in penalties, I recommend that you apply, at least the following:

1) A basic level of security on your site, ie, perform backups of your files, access restrictions and control access to these files.

2) You must ensure the duty of secrecy

3) give users access rights, rectification, consultation and opposition of the data contained in these files, how to access should be free and easy

4) The consent when collecting data from users, you must first be given to the collection of such data if the data is collected and then the consent is sought, it is void.

5) If you go to collect personal data, such data must be processed fairly and lawfully, ie, you can not sell the data to third parties, in principle.

6) You can only collect appropriate and relevant data for purposes that are required on your website or service you offer.

Curiosities with Newsletters

It’s all said more or less on the regulations applicable to each case, but wanted to stop in the newsletter to clarify a number of points, they are a highly recommended way to retain customers, offer promotions, etc. But like everything, it is necessary to respect a number of requirements to avoid having any problems, listing them as follows:
1. Remember that you can only send a commercial electronic communication with those people who have previously accepted.
2. It is mandatory to give the user the possibility to terminate sending newsletter, you have to do it in a way that is clear, easy and visible in each communication.
3. After Telecommunications reform in 2014, is no longer mandatory to put in the mail the Palaba subject “Publi” or “Advertisement”.

A brief summary

The Cookies

Well the easiest part of Your website complies with the laws?

Until 2012 we had little idea they were, we knew they were out there and had a role, but since the law was changed and we started to see those images with sanctions and that pages with more traffic the Internet
began to implement, we began to worry about the cookies.
Use and effective compliance has been regulated in the famous Act Cookies, which is not a law as such, if not an amendment of Article 22 of the LSSI held by transposition of a European directive.

But … What cookies are required to obtain prior authorization from the user? Only technical cookies, ie those storage devices or data recovery that are necessary for the technical operation of the website, such as the cookie that is responsible for storing the goods you will add to shopping cart are saved, the cookie that is responsible for keeping the password you entered, etc. These techniques cookies are not required to obtain prior authorization, but if it is necessary to collect in the section “Cookies Policy”.
The rest of Cookies … yes, requires authorization, ie, the vast majority, and here we enter the debate How to request such authorization ?: With a banner pop up ?, A ?, A floating ad? … To solve this question, let’s read the article about cookies, which states: “service providers can use storage devices and data retrieval terminal equipment recipients, provided that they have given their consent after They have been given them clear and complete information … ”
Interpreting Article literally, the installation of cookies on the user’s computer can not be performed until it has given its consent and he has shown clear and complete information.
But this law is totally ambiguous, so it does not establish anything specific about how it should be that consent, if I express or tacit, so here is where we can “take advantage” and warn that the website you are visiting uses cookies and if the user is surfing the web is accepting its use as well make the most important web pages:

Having said paragraph of the notice, it’s time to write the Cookies Policy and Law requires us to collect the following data in Cookies Policy:
• What are Cookies?
• What will be installed on the user’s computer when visiting your site?
• What are they for?
• Provide additional information about cookies that are to be installed
• Provide information to revoke consent Installation Cookies

Plugins to meet the “Law of Cookies” 

1º Cookie Law Info (link)

estudio-de-diseño-barcelona-1

Es el primer plugin que te recomiendo porque es uno de los que más cambios permite a la hora de mostrar los avisos sobre las cookies, puedes personalizar el mensaje, botones, colores, lugar del aviso, duración… Además es White Hat Legal, esdecir, cumple perfectamente con la ley, hasta que no acepta el usuario las cookies,estás no se instalan.

2º Cookie Control (enlace al plugin)

estudio-de-diseño-barcelona-2

Another plugin that I quite like, you can customize the notices as in the previous plugin, what differentiates the previous plugin is that this plugin leave a message permanently on the web to enable or disable the installation of cookies on your computer user, so this plugin is Legal White Hat, perfectly fulfills the Law.

3º Asesor de Cookies (link)

estudio-de-diseño-barcelona-3

A plugin pata negra, manufacturing 100% Spanish, now is the plugin I am using all my websites that say to comply with the law. The plugin is quite simple, just install and configure notice Cookies on your website, you link the page where you want to direct users to consult your Cookies Policy.

A brief summary

Domain Names

First, I would like to talk to the rule “first come, first served” in gaditano means “The first requesting registration of a domain name is what it is” is a logical rule that applies in the most of records, but in those that produce a series of violations, that is when it can happen from the cancellation of that domain, until the transfer of the domain to its rightful owner Occupation of brands.

As I mentioned at the beginning of this subchapter, when registering a domain, it is very common to try to register with the keywords you are trying to position, and if we try to position a product or a relevant brand, we can find to serious problems because of that trademark holders have the ability to prohibit use against third parties in the course of trade:
• Prohibit the use of a third equal sign or identical to your brand, product or service.
• Prohibition of the use of any sign that being identical or similar, exists a likelihood of confusion to the public.
• Prohibition of any sign for goods or services, which is still used for a different purpose for which the mark is registered, the use of such sign is without just cause. This is the case of registering a domain of a company that does not have a website.
In short, if in registering a domain, you use a sign which constitutes a reproduction or imitation of a protected trademark, would conflict with the copyright of third parties.
So to be sure they are not usurping any brand, I advise you to look locator Trademark Office Patent and Trademark (enlace al localizador).

In case you want to register a trademark or product in your domain name, from now on, when you do, you will be fully aware that if the author of that brand or product feels violated, you can start the relevant procedures for transmitting said domain to its rightful owner. Remember that what is protected in law are the second-level registrations, so that in a third level you are fully free to use the brand or product you want What does this mean? Very simple, to right, the domains are divided into the following levels:

estudio-de-diseño-barcelona-4
This means that when creating subdomains or folders, you are completely free to use signs or trade names that are identical to trademarks or registered, as long as the 2nd level of your domain does not use any sign or trademark products, so that, and it ended, when registering a new domain, it will be interesting values the possibility of including the exact keyword in a subdomain or folder, and so you make sure that the domain will not be claimed by third parties, ideally register the following domain and then create a subdomain for not violate any rights:

diseño web y legalidad

The links

Due to the recent reform of the Copyright Act, Law 21/2014 of November 4, has led to Google News has disappeared from the search results on Google Spain, so the issue is serious.
How does this law affect your website?
For in many ways:
• The reform of the Copyright Act makes it clearer than ever, you can not upload images to your website without the author’s consent, so very careful up the first image we find in the search.
• The websites that advertise on websites offering illegal material, shall be punished by a fine.
• You can not create specialized search engines in a niche market and offer protected content.
• You can not climb or hang on your web links to copyrighted material, although such protected material not found on your website. It persecutes those sites that host links that point to protected content.
• IF you can link and reference content you find on other blogs or websites, not a short excerpt or title 3rd level 2nd level 1st level of an article and in turn you link to the web passes nothing if your web copy where you removed. You can only be sanctioned if you upload your web full contents without the consent of its owner.
I would like to point out that if your website is violating some kind of content protected by the Copyright Act, it is very likely that the company concerned will contact you and notify you of such breach Why do this? For so, to send a simple mail, and do not answer or not withdraw the content, the company can go to the Second Section of the Commission on Intellectual Property and follow procedures, this Section will check that occurred by the company notice of, and that there was no response on your part, so you importante10 face a penalty.

10 Art. 158 ter de la Ley de Propiedad Intelectual

Recalls that Directive 2000/31 / EC provides that information providers, such as the webmaster of a forum, online newspaper, social network, etc. They are not required to perform a manual monitoring of data or content that are uploaded to its platform, however, to exempt us from any responsibility, good writing in the legal notice section of liability for external links will make us sleep more quiet.

 

Your Web site complies with the laws ?, last part> Possible Crimes on your website

buffff …… I did not expect this to be so dense and extensive, but quiet and just. We will summarize the most typical cases and how you should react in each case.
Freedom of expression / information and privacy VS Injurias
If you have a blog about politics, for example, is likely to speak well of a bad political sector and other political sector, the problem arises when that view conflicts with the honor and human dignity.
To what extent you can speak freely amparándote in freedom of expression? I can not give you a precise answer, because it will be necessary to study each particular case, but if I can give you a set of rules or guidelines to follow so that you are sure that the opinion you are writing, is covered on your right to freedom of expresión11 .

11 Art. 20.1.a de la Constitución Española

1) People who hold public office or persons whose profession is recognized or notoriety, say they have a greater degree of criticism (STC 101/2003).
2) Never reveal personal aspects of daily life or anyone unnecessarily about the information you are offering, then you would be violating his right to privacy (STC 127/2003)
3) The courts usually grant a prevalent character of the right to freedom of information provided it does not violate the presumption of innocence (STC 21/2000), that is, you can not convict someone who is still innocent.
4) Never use expressions which give a clear social rejection and stay away from that spirit of informing users to denigrate a person.
Crimes against privacy, threats and insults
Another typical case, especially in forums and social networks, is the violation that occurs to privacy, freedom and honor of the people.
I will not dwell much on this aspect, just let you know that as a webmaster or person responsible for a website, in the legal notice, it is advisable that you set conditions of use, and if a user is a victim or observe any conduct with criminal appearance, put it in facilitating contact mail for this.
Very briefly, I define each of the cases can be given:
• Calumnias12: One of honor crimes occur most anywhere, occurs when a user accused of a crime to another user.
• Amenazas13: expressions containing the announcement of a bad cause someone, regardless of that evil will occur or not. The legal right is protected is freedom and the right to peace and tranquility in the personal development of our lives.
• Injurias14: Those expressions that affect the honor of a person, meaning honor those considerations have on a person.
• Intimidad15: Basically it comes to revealing secrets that violate the privacy of another person, and the discovery of this secret has been made public without the consent of that person
All of the above, this may sound logical, but I assure you that on the day, many violations of these rights occur.

12 Art. 205 del Código Penal

13 Art. 169 del Código Penal

14 Art. 208 del Código Penal

15 Art. 197 del Código Penal

16 Art. 401 del Código Penal

Impersonation
“Thank you” to the anonymity offered by the Internet, many people take the opportunity to impersonate other people without their consentimiento16, uploading images, personal data and comments does not require that economic harm or otherwise is caused simply by the fact to be acting under the name of another person and it would result in criminal conduct.
So, to prevent theft or impersonation on your website, it is advisable that you offer to users under the conditions of use of your website, a series of instructions when they are at such an infringement, to act quickly and prevent further producing such an infringement.

Does the Webmaster or owner of the site has some sort of vicarious liability for the contents that are uploaded to your site?
This is a question that I carry out with quite frequently, and to give an adequate answer would have to know each case specifically, its characteristics as well as the number of comments, threads and requests received by the webmaster of the site.
But generic one could say that may exist only subsidiary liability to the webmaster of a website, in those cases where he has required the removal of content in a reliable way, ie can confirm that it has received the message it may be judicial, police, burofax way … And in the event that the webmaster of the site shows a lack of appropriate action being taken, could be directed against said Webmaster performance.
However, to the safe side, I recommend using a good text in the section terms of use or legal notice, that says more or less the following: “The administrators of the website ……. we are not responsible for the opinions, assessments or different contents of users who use the services we offer on our website. However, in the event of other activity that could derive any civil and / or criminal, please let us know by email at … .., to remove as soon as possible the content might be violating those rules legal.
However please understand that due to the number of comments, strings, emails and other requests that are made on our website every day, understand that the removal of such content could be delayed in time because of that workload ”
This paragraph will not make you immune, legally speaking, but if you can serve as a guarantee to defend your interests, because as stipulated in the art. 17 of the LSSI, there are only two cases responsibility for not requiring the Webmaster of a site that links to other protected contents are:
• Do not have actual knowledge of such activity
• If you have knowledge of such activity, have acted with diligence in
remove such content

Sorry haberos such as “suckling pig” but if that we have avoided a fine, and I am satisfied!

You know, if you thought interesting … Share!

Leave a Reply

Your email address will not be published. Required fields are marked *