Purpose
- Administration, maintenance and support of physical and logical equipment for processing information and communications installed at Banco de España
- Acquisition, development, maintenance and support of IT applications and systems, in accordance with functional specifications
- Acquisition and provision of support services for physical and logical infrastructure
- Regarding the ESCB-SSM IT Shared Services (e.g.:Darwin, ESCB mail, Epsilon, unless PKI), Banco de España used them for the performance of its functions, without having been attributed to it the administration, maintenance and support of these IT Shared Services.
Legal basis
- Performance of a task carried out in the public interest or in the exercise of official authority vested in the Banco de España pursuant to the Decision (EU) 2016/188 of the European Central Bank of 11 December 2015 on the access and use of SSM electronic applications, systems, platforms and services by the European Central Bank and the national competent authorities of the Single Supervisory Mechanism (ECB/2015/47);
- Performance of a contract to which the data subject is party
Categories of data subjects
- Collaborators
- Employees of Banco de España or SEBC.
- Other staff providing services at Banco de España or SEBC
Categories of personal data
- Identification data: Name, surname, ID number, healthcare card number, user code, image, social security number, electronic signature, residence card number
- Contact data: Phone number, e-mail, postal address
- Professional and academic data: Education background and professional position
- Economic data: Salary, bank accounts information
- Personal characteristics data: Family, nationality, age, date and place of birth
- Special categories of data: Trade-union membership, health data
- Technological data: IP address, logs, etc.
- Data relating to criminal convictions and offences
- Data of vulnerable subjects: Data of minors
Retention period
Personal data shall be retained for the time necessary to fulfil the purpose for which they were collected and to allocate any liability arising from said purpose and from the processing of the data.
Security measures
In accordance with the First Additional Provision of the Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights, the security measures implemented at Banco de España correspond to those provided for in the National Security Scheme.
Recipients
- Courts of Justice
- Other competent public authorities
International transfer of data
N/A
Data controller
Purposes 1,2 y 3 pointed out in the section Purpose are carried out by Banco de España as the sole controller of the processing.
Banco de España
NIF: Q2802472G
Purpose 4. “Regarding the ESCB-SSM IT Shared Services (e.g.:Darwin, ESCB mail, Epsilon, unless PKI), Banco de España used them for the performance of its functions, without having been attributed to it the administration, maintenance and support of these IT Shared Services.”, data processing is carried out by Banco de España and the rest of the Eurosystem member as joint controllers.
Data Protection Officer
Exercise of rights and complaints
You can check whether it is mandatory for you to provide your personal data, as well as the procedure to exercise your rights, withdraw your consent if applicable and lodge a complaint before the Data Protection Officer or the Spanish Data Protection Agency at our Privacy Policy