Back

Records of data processing activities

Management of treasury and financial market operations (MAPS)

Purpose

  • Settlement of treasury and financial markets transactions, including portfolios, reserves and foreign currency transactions by means of a dedicated tool jointly developed and operated by Banco de España and Banque de France (MAPS).

Data controller

  • Where Banco de España and Banque de France settle jointly their own operations, they act as joint controllers.
  • Where Banco de España and Banque de France provide joint services to other national central banks which have hired the MAPS tool to settle their transactions (i.e., De Nederlandsche Bank, Central Bank of Malta, Central Bank of Ireland and Central Bank of Cyprus), Banco de España and Banque de France act as joint data processors.

Legal basis

  • Where Banco de España acts as a joint controller:
    • Performance of a task carried out in the public interest pursuant to Law 12/1994 of June 1 on the Autonomy of Banco de España.
    • Performance of a contract to which the data subject is party for the processing personal data of employees of Banco de España.
  • Where Banco de España merely acts as a joint processor, the processing is based on the data processing agreements entered into pursuant to article 28 GDPR.

Categories os data subjetcs

  • Where Banco de España acts as a joint controller: employees of Banco de España and Banque de France who either use or operate the MAPS tool.
  • Where Banco de España merely acts as a joint processor: representatives and contact persons of national central banks which have hired the MAPS tool (i.e., De Nederlandsche Bank, Central Bank of Malta, Central Bank of Ireland and Central Bank of Cyprus).

Categories of personal data

  • Identification data: Name, surname, user-ID.
  • Contact details: phone number, email and postal address.
  • Academic and professional data: business position, name of the employer.
  • Technological data: date of latest login, date of latest password, number of access attempts using a wrong password.

    Retention period

    The data will be kept for the time necessary to fulfill the purpose for which they were collected and to determine the possible responsibilities that may arise from said purpose and the processing of the data. For this purpose, the retention periods must be in line with the document retention policy established by the Banco de España.

    Security measures

    Security measures provided for in Annex II of Royal Decree 3/2020, of 8 January, which regulates the National Security Scheme in the field of Electronic Administration.

    Recipients

    • Banque de France.
    • Accredited auditors.
    • Courts of Justice.
    • Other competent public authorities.

        International transfer os data

        N/A

        Data Protection Officer

        Banco de España
        Division of Governance and Transparency
        Contact form

        Banque de France:
        1200-DPD-delegue-ut@banque-france.fr Send email: Opens in new window

        Exercise of rights and complaints

        For the processing operations where Banco de España acts as a joint controller, you can check whether it is mandatory for you to provide your personal data, as well as the procedure to exercise your rights, withdraw your consent if applicable and lodge a complaint before the Data Protection Officer or the Spanish Data Protection Agency at Banco de España’s Privacy Policy.

        For the processing operations where Banco de España merely acts as a joint processor for other national central banks, you may contact the relevant national central bank acting as data controller to exercise your data protection rights and find out more about the processing.

        Previous Training, mobility and deve... Next Electronic ID...