Back

Records of data processing activities

Internal whistleblowing channel (SIIBE)

Purpose

  • Receive and manage reports of irregularities received through the Banco de España's Internal Information System (SIIBE), which are attributable to the Banco de España or its staff and which have come to the attention of the reporting person within the framework of an employment or professional relationship with the Banco de España.
  • Document the content of the aforementioned communications made in person, by recording or transcribing them in full.

Legal basis

  • The processing is necessary for the compliance of a legal obligation provided for in Law 2/2023, of February 20, regulating the protection of people who report on regulatory violations and the fight against corruption.
  • Consent for the data processing consisting of the recording of communications that are reported in person.

Categories of data subjects

  • Breach reporters, if identified, or their legal representatives.
  • Other natural persons whose data may be mentioned in the framework of the information communicated, as well as in the actions carried out in its management and processing.

Categories of personal data

  • Identification data: Name, surname and password.
  • Contact details: Telephone number and e-mail address.
  • Professional data: Confirmation as to whether or not work or professional services are or have been provided at Banco de España.
  • Other: Voice and other data that may appear in the complaint or that may be mentioned in the framework of the actions carried out in the management and processing of the complaint.

Retention period

Personal data shall be retained for the time necessary to fulfil the purpose for which they were collected and to allocate any liability arising from said purpose and from the processing of the data.

Security measures

Security measures provided for in Annex II of Royal Decree 3/2020, of 8 January, which regulates the National Security Scheme in the field of Electronic Administration.

Recipients

  • Judges, courts and other competent bodies or authorities, only if the disclosure is necessary for the fulfilment of a legal obligation or in order to verify and analyse the facts reported.

International transfer of data

N/A

Data controller

Banco de España

NIF: Q2802472G

Data Protection Officer

Division of Governance and Transparency

Contact formOpens in new window

Exercise of rights and complaints

You can check whether it is mandatory for you to provide your personal data, as well as the procedure to exercise your rights, withdraw your consent if applicable and lodge a complaint before the Data Protection Officer or the Spanish Data Protection Agency at our Privacy Policy.

Previous External whistleblowing cha... Next Electronic certificates...