Digital Service Providers
Royal Decree 43/2021, of 26 January, aims to develop Royal Decree-Law 12/2018, of 7 September, on the security of networks and information systems, regarding the strategic and institutional framework for the security of networks and information systems, the supervision of compliance with the security obligations of operators of essential services and digital service providers, and the management of security incidents.
Digital Service Providers meet the following conditions:
- To provide any of the following digital services defined in the royal decree-law: online markets, online search engines and cloud computing services.
- That they are not micro-enterprises or small enterprises.
- That they have their registered office in Spain and that constitutes their main establishment in the European Union, or, when they are not established in the European Union, that they designate in Spain their representative in the Union for compliance with the Directive (EU) 2016/1148 of the European Parliament and of the Council.
This Royal Decree provides that Digital Service Providers that comply with these conditions and have already been providing services must communicate their activity to the Secretary of State for Digitalization and Artificial Intelligence, of the Ministry of Economic Affairs and Digital Transformation, within three months of the entry into force of this royal decree-law, and that those who begin their activity communicate it to the competent authority within three months from the date of beginning, for the sole purpose of their knowledge.
Royal Decree 43/2021, of 26 January, which develops Royal Decree-Law 12/2018, of 7 September, on the security of networks and information systems.