Surveillance, access and permanence control to Banco de España premises


  • Security management, control of access and appointments in the buildings of Banco de España for the prevention and investigation of crimes against persons or property.
  • Management of the prevention and investigation of misconducts by Banco de España as an employer.
  • Supervision of the execution of academic internship agreements where a specific number of hours and/or a schedule is set out.
  • Registration of vehicle plates and access authorizations for safety purposes.
  • Management of the reservation of meeting rooms in the buildings of the Bank of Spain
  • Supervision of the execution of contracts with Banco de España suppliers to ensure the proper provision of the agreed services.

Legal basis

  • Performance of a task carried out in the public interest or in the exercise of official authority vested in the controller pursuant to:
    • (i) Organic Law 3/2018, of 5 December, on Data Protection and guarantee of digital rights.
    • (ii) Law 13/1994, of 1 June, on the Autonomy of Banco de España.
    • (iii) Law 5/2014, of 4 April of Private security
    • (iv) Law 8/2011, of 28 April, which establishes measures for the protection of critical infrastructure
    • (v) Law 9/2017, of 8 November, on Public Sector procurement
  • Performance of a contract to which the data subject is party.

Categories of data subjects

  • Employees
  • Citizens
  • Providers
  • Partners
  • Sub-contracted staff
  • Interns

Categories of personal data

  • Identification data: Name, surname, ID number and vehicle plate
  • Contact data: Phone number
  • Professional: Organization for which the data subject is working, number of employee and number of card registration
  • Data on personal characteristic: nationality, date and place of birth
  • Data relating to permanence in the Banco de España premises
  • Data related to the commission of criminal offences
  • Other data: Image and voice
  • Data derived from the verification regulated by art. 36,1,i) Law 5/2014 of April 4 Private Security
  • Biometric Data: Fingerprint and Iris Pattern

Retention period

Personal data is kept for the time necessary to fulfill the purpose for which it was collected and to determine the possible responsibilities that may arise from said purpose and data processing. To this end, the retention periods must be in line with the document retention policy established by the Bank of Spain.

Security measures

Security measures provided for in Annex II of Royal Decree 3/2020, of 8 January, which regulates the National Security Scheme in the field of Electronic Administration.


  • Law enforcement authorities
  • Madrid Town Hall
  • Courts of Justice
  • Other competent public authorities

International transfer of data


Data controller

Banco de España
NIF: Q2802472G

Data Protection Officer

Division of Governance and Transparency
Contact formOpens in a new window