New Ways of Working

Explore and keep track of key legal and compliance considerations for multinational employers as new ways of working become increasingly embedded as the pandemic begins to recede. Learn more about the response taken in specific countries or build your own report to compare approaches taken around the world.

Choose countries

 

Choose questions

Choose the questions you would like answering, or choose all for the full picture.

02. Outline the key data protection risks associated with remote working in your jurisdiction.

02. Outline the key data protection risks associated with remote working in your jurisdiction.

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

Apart from the general personal data protection issues to be considered, there are two significant risks.

First, under article 17 of Law 10/2021, any digital program or software to monitor remote workers must grant employees privacy and protection of personal data according to the Organic Law on Personal Data Protection and Digital Rights Guarantees. In particular:

  • an employer’s access to the digital technology provided to the remote worker must be limited to checking compliance with labour obligations and to guaranteeing the integrity of the devices;
  • employers must establish the terms of use of the digital devices, and the workers’ representatives must participate in drafting them;
  • employers must inform remote workers about the terms of use of the digital devices; and
  • regardless of the terms of use, an employer’s access to the digital means must be necessary for the employer to achieve a legal purpose, appropriate for such legal purpose and proportional to achieve such legal purpose. Based on this, the employer should implement the least invasive way of monitoring remote workers’ activity to achieve the legal purpose the employer is pursuing.

Any measure to monitor employees’ activity should meet these requirements; otherwise, an employer’s decision arising from such monitoring could be deemed unfair, and there could be a breach of the employee’s privacy, which could lead to a damages claim and an administrative fine.

Second, employers must comply with the principles of personal data processing under article 5 of the GDPR, especially purpose limitation and data minimisation, which means that the personal data the employer can process should be only what is the minimum necessary data for the performance of the labour contract or compliance with their legal obligations. Therefore, employers are not entitled to, for instance, force remote workers to turn on their cameras during working hours.

Third, despite remote working, employers must comply with health and safety obligations, which could lead to the employer or its health and safety services provider visiting an employee’s home to evaluate its risks. In that case, employers should issue a report justifying the visit and provide it to the remote worker and the health and safety workers’ representatives in advance. Additionally, to access any remote worker’s home, the employer must first obtain their consent.

If they do not give their consent, measures on health and safety should be based only on the information provided by the remote workers.

Last updated on 21/09/2021

06. Do employers have any scope to reduce the salaries and/or benefits of employees who work remotely?

06. Do employers have any scope to reduce the salaries and/or benefits of employees who work remotely?

Flag / Icon

Spain

  • at Cuatrecasas
  • at Cuatrecasas

Article 4 of the Law on Remote Working provides equal rights for remote and on-site workers, so they receive equal pay and are entitled to the same schedule, breaks and work-life balance, and they are expressly included in equality plans and harassment prevention protocols.

Last updated on 21/09/2021