Spanish Data Protection Law (LOPDGDD) - Article 11

Related to transparency and information to the affected party, and it requires the controller to provide certain information to data subjects when collecting their personal data.

When personal data is obtained from the data subject, the data controller may comply with the duty of information established in Article 13 of Regulation (EU) 2016/679, providing the data subject with the basic information referred to in the following section and indicating an electronic address or other means that allow easy and immediate access to the remaining information. 
The basic information referred to in the previous section must contain, at least: a) The identity of the data controller and his representative, if applicable. b) The purpose of the treatment. c) The possibility of exercising the rights established in articles 15 to 22 of Regulation (EU) 2016/679. If the data obtained from the data subject were to be processed for profiling, the basic information will also include this circumstance. In this case, the affected party must be informed of their right to oppose the adoption of automated individual decisions that produce legal effects on them or significantly affect them in a similar way, when this right occurs in accordance with the provisions of article 22 of the Regulations. (EU) 2016/679. 
When the personal data has not been obtained from the data subject, the data controller may comply with the duty of information established in article 14 of Regulation (EU) 2016/679 by providing the data controller with the basic information indicated in the previous section, indicating an address electronic or other means that allow easy and immediate access to the remaining information. In these cases, the basic information will also include: a) The categories of data subject to treatment. b) The sources from which the data came.