There is no doubt that the easiest way to reach consumers today is through digital platforms. Companies or providers do not only offer their services through their web pages, but also through multiple digital platforms offered by the market, such as social networks.

There is a constant exchange of data through these digital platforms, therefore both providers and users must know the necessary legal tools (rights and obligations) to avoid risks in such exchange.

Suppliers must ensure that they are in compliance with the applicable data privacy legislation in force, by presenting users or consumers (clearly and in accordance with what is established by law) with a Privacy Notice where the information is explained in detail, reason(s) and purpose(s) for collecting data, transfer of data (where applicable) , as well as the elements that will be used to ensure that the said data will be protected at all times. They must also ensure that they have the consent of those who share their data with them, and that said consent complies with the requirements established by law. It is important to mention that the law imposes specific obligations on providers (who are responsible for the processing of personal data) which must be observed at all times, in order maintain best practices and to avoid possible sanctions imposed by the competent authority, in this case the INAI Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales.

In the same way, users must ensure, before sharing any personal data on any digital platform, that they are accessing a platform where their data will be used, treated, and protected in accordance with the law, and their rights to access, rectification, cancellation, or opposition (ARCO rights) that the legislation grants them. It is important that users give their consent to the processing of their data, each time they share them.