Purpose
- Processing of recovery and payment orders in foreign currency
- Handling of deposits in foreign currency held by public institutions
- Execution of portfolio management operations
- Prevention of fraudulent transactions in credit transfers settled through STEP2
- Recording of telephone conversations related to contracted portfolio management operations to verify the proper functioning of the contracting procedure and resolution of discrepancies, as well as for the investigation or verification of labor breaches or allegedly unfair, fraudulent or illegal actions
Legal basis
Performance of a task carried out in the public interest or in the exercise of official authority vested in the controller pursuant to:
- Law 13/1994, of 1 June, on the Autonomy of Banco de España
- Law 10/2010, of 28 April, on prevention of money laundering and terrorist financing
Performance of a contract to which the data subject is party
Legitimate interest of the ordering parties of transactions with respect to the processing linked to the prevention of fraudulent transactions
Categories of data subjects
- Beneficiaries
- Taxpayers and compelled subjects
- Employees
- Legal representatives
Categories of personal data
- Identification data: Name, surname, ID number, signature
- Contact data: Phone number, address
- Economic and financial data: Data related to transactions, account number
- Data regarding administrative infringements
Retention period
Personal data shall be retained for the time necessary to fulfil the purpose for which they were collected and to allocate any liability arising from said purpose and from the processing of the data
Security measures
Security measures provided for in Annex II of Royal Decree 3/2020, of 8 January, which regulates the National Security Scheme in the field of Electronic Administration
Recipients
- Credit and other financial institutions
- Spanish AML/CFT supervisor (Sepblac)
- Courts of Justice
- Other competent public authorities
International transfer of data
Non-EU financial institutions receiving recovery and payment orders in foreign currency. International transfers of data to such entities are necessary for the performance of a contract to which the data subject is a party, and are therefore permitted in accordance with the exception provided for in Article 49(1)(b) of the GDPR.
Data controller
Banco de España
NIF: Q2802472G
Data Protection Officer
Division of Transparency and Data Protection
Contact form
Exercise of rights and complaints
You can check whether it is mandatory for you to provide your personal data, as well as the procedure to exercise your rights, withdraw your consent if applicable and lodge a complaint before the Data Protection Officer or the Spanish Data Protection Agency at our Privacy Policy