Spain: Published AEPD guidelines on the use of cookies

On 14 May 2024, the Spanish Data Protection Agency (AEPD) published an updated version of its guidelines on the use of cookies for 2024. The guidelines set out the obligations surrounding cookie usage and data processing to ensure compliance with legal requirements, particularly as outlined in the Law on Information Society Services and Electronic Commerce (LSSI) and the General Data Protection Regulation (GDPR). The guidelines explain key terminology relevant to cookie use, including drawing distinctions between different kinds of cookies. Further, the guidelines set out the obligations of controllers, which are primarily divided into transparency and consent requirements and the specific situations in which these obligations apply.