Go to content

Protection of data

Information on the collection and processing of data

Below is the information required by the EU Regulation on the Protection of Personal Data

Information on the collection and processing of data (88kB. PDF)

Data Protection Officer

D. Enrique Orduña Prada

Office of the President

Tel. 912733325 dpd@consejodetransparencia.es

Council of Transparency and Good Governance

c/ José Abascal, 2. 5th floor. 28003. Madrid

Registration of data processing activities

Register of Personal Data Processing Activities (292 KB)

Exercise of rights under the European Data Protection Regulation (GDPR)

The rights of access, rectification, suppression, opposition and limitation of the treatment are recognized in the European Data Protection Regulation They allow us to know what personal information we hold about you is being processed by a controller, from whom or from where you have obtained that data and to whom you have transferred it. They also allow us to modify or rectify errors, cancel data that should not be processed, oppose the processing of personal data carried out without our consent or limit that processing of data in some specific cases.

To exercise them, it is important to know a number of aspects:

  • They must be exercised directly by the interested party before each of the responsible/owners of the files. If you are acting on behalf of another person, it is necessary to prove that you have authorized us to represent you.
  • The legislation establishes that in order to exercise these rights it is essential that the citizen first addresses the entity that is processing their data using any means that allows the sending and reception of the request to be accredited. If the entity does not respond to the request made within the period established by law or the citizen considers that the response received is not adequate, he/she can request that the Spanish Data Protection Agency protect his/her right against the person in charge.
  • They are independent rights, so it is not necessary to exercise the right of access in the first place in order to rectify or cancel.
  • The exercise of these rights must be simple, free and may not involve any additional income for the person responsible, who must facilitate a procedure for the exercise of the rights. It is advisable to use this procedure, although the person responsible cannot ignore a request that, duly presented, uses another means.
  • The content of the application must include: the name and surname of the interested party; photocopy of his/her national identity document, passport or other valid document identifying him/her and, if necessary, of the person representing him/her, as well as the document or electronic instrument accrediting such representation; detail of the request made; address for the purposes of notifications; date and signature of the applicant; and documents accrediting the request made if necessary.
  • The responsible party must comply with the request, even when there is no personal data of the applicant, as well as ensure that your organization is able to report on how to exercise the rights.

Below, you are provided with the models to request any of these rights before the Council of Transparency and Good Governance:

Form for the exercise of the right to limit the processing of personal data (423 KB)
Form for the exercise of the right of access (428 KB)
Form for the exercise of the right of rectification (423 KB)
Form for the exercise of the right of deletion (423 KB)
Form for the exercise of the right of opposition (423 KB)
Form for the exercise of the right of portability (423 KB)