Regulatory Alerts2007-07-27
Circular 3/2007 of 27 July Updating Circular 2/2005 of 25 February on Automated Files with Personal Data Managed by the Bank of Spain
The Bank of Spain issued Circular 3/2007 to update its automated personal data file registry in compliance with Spanish data protection law and the Spanish Data Protection Agency's Instruction 1/2006 on video surveillance. The circular replaces the existing description for the "Access Control and Stay in Bank of Spain Buildings" file in Annex II of Circular 2/2005, aligning it with Article 20 of Organic Law 15/1999. It mandates that the file controller, the Bank of Spain's Security Service, collects personal and biometric data via surveys and CCTV for building security purposes, with no planned data disclosures or international transfers, and classifies its security level as basic.
Share