Transparency

Public procurement proceedings

Purpose

  • Management and processing of public tenders
  • Accounting, tax and administrative management arising from public procurement proceedings
  • Control of expenses and investments associated with procurement proceedings
  • Processing of the annual declaration of transactions with third parties
  • Compliance with tax obligations
  • Compliance with AML/CFT obligations
  • Processing of custody services to public institutions

Legal basis

  • Compliance with a legal obligation to which the controller is subject pursuant to:
    • (i) Law 9/2017, of 8 November on Public Sector Contracts.
    • (ii) Law 25/2013, of 27 December, on the promotion of electronic invoicing and the creation of the accounting register of invoices in the public sector.
    • (iii) Law 10/2010, of 28 April, on the prevention of money laundering and terrorism financing.
    • (iv) Law 12/2003, of 21 May 2003, on the prevention and blocking of the terrorism financing.
    • (v) Law 58/2003, of 17 December, on General Taxation.
    • (vi) Organic Law 6/198, of 1 July 1985, on the Judicial Authority.
  • Performance of a contract to which the data subject is party.

Categories of data subjects

  • Tenderers
  • Suppliers
  • Legal representatives
  • Persons authorized or empowered by direct account holders
  • Taxpayers and obligated subjects
  • Applicants
  • Customers of non-financial goods and services
  • Employees/representatives of tenderers and suppliers (in some cases when they are included in tenders or contract performances for professional contact)

Categories of personal data

  • • Identification data: Name, surname, ID number
  • • Contact data: Phone number, e-mail
  • • Professional and academic data: Education background and professional position
  • • Economic data: Good and services transactions, commercial information, salary (in tender procedures when there are subcontracted staff)
  • • Data related to administrative infringements
  • • Personal characteristics data: Nationality

Retention period

Personal data shall be retained for the time necessary to fulfil the purpose for which they were collected and to allocate any liability arising from said purpose and from the processing of the data.

Security measures

Security measures provided for in Annex II of Royal Decree 3/2020, of 8 January, which regulates the National Security Scheme in the field of Electronic Administration.

Recipients

  • Credit institutions
  • Interested parties (to challenge the proceeding)
  • Tax Administration
  • Social security institutions
  • Spanish AML/CFT supervisor (Sepblac)
  • Court of Auditors
  • Courts of Justice
  • Other competent public authorities

International transfer of data

N/A

Data controller

Banco de España
NIF: Q2802472G

Data Protection Officer

Division of Governance and Transparency
Contact formOpens in a new window

Exercise of rights and complaints

You can check whether it is mandatory for you to provide your personal data, as well as the procedure to exercise your rights, withdraw your consent if applicable and lodge a complaint before the Data Protection Officer or the Spanish Data Protection Agency at our Privacy Policy