ai-00193-2023.pdf

Summary

The Spanish Data Protection Agency (Agencia Española de Protección de Datos) has concluded an investigation into allegations that SPOCK P2P, S.L., a company that operates an energy trading platform, was processing personal data in violation of the General Data Protection Regulation (Regulación General sobre Protección de Datos).

The investigation found that while the platform did collect and process certain personal data from users, it did not appear to be processing such data in a manner that would be considered non-compliant with the GDPR. The agency noted that the company's privacy policy was available on the website and that users were required to provide their consent before participating in energy trading activities.

The investigation also found that the company's data collection practices were consistent with industry standards and best practices, and that there was no evidence of any intentional or reckless disregard for user privacy.

Key Points

• The agency investigated allegations that SPOCK P2P, S.L. was processing personal data in violation of the GDPR.
• The investigation found that the company's privacy policy was available on its website and that users were required to provide their consent before participating in energy trading activities.
• The agency did not find any evidence of intentional or reckless disregard for user privacy.
• The company's data collection practices were consistent with industry standards and best practices.
• The investigation concluded that there was no reason to believe that the company had engaged in any wrongdoing, and therefore, the case was closed without further action.