Circular 3/2007 of 27 July Updating Circular 2/2005 of 25 February on Automated Files with Personal Data Managed by the Bank of Spain

Skip to main content.

VIEW OF THE REGULATION

Index

Full Regulation

Regulation as of a Date

Current regulation

Circular 3/2007, of 27 July. Update of Circular 2/2005, of 25 February, "Automated Files with Personal Data Managed by the Bank of Spain" (BOE of 15 August)

The descriptions of the automated files with personal data existing at the Bank of Spain are set out in Circulars 2/2005, of 25 February, and 4/2005, of 23 December, thereby complying with Article 20(1) of Organic Law 15/1999, of 13 December, on the Protection of Personal Data regarding the creation, modification, or suppression of files by Public Administrations.

With the aim of aligning video surveillance with the requirements of the fundamental right to data protection, and in exercise of the competence attributed to it by Article 37(c) of Organic Law 15/1999, of 13 December, on the Protection of Personal Data, the Spanish Data Protection Agency has issued Instruction 1/2006, of 8 November, to align image processing for surveillance purposes with the principles of said Organic Law and thereby guarantee the rights of persons whose images are processed through such procedures.

Article 7.1 of the aforementioned Instruction establishes that when an entity foresees the creation of video surveillance files, it must notify the Spanish Data Protection Agency for registration in its General Register. Consequently, the content of Circular 2/2005, of 25 February, must be updated, which is accomplished through this Circular.

The update consists of modifying the current description of the file "Access Control and Stay in Bank of Spain Buildings", described in Circular 2/2005, of 25 February, to comply with Article 20 of the Organic Law on the Protection of Personal Data. The file being modified is part of Annex II, "Internal or Operational Files".

For all the foregoing, the Bank of Spain, in exercise of the powers conferred by Law 13/1994, of 1 June, on the Autonomy of the Bank of Spain, and in accordance with the procedure provided therein, has ordered:

FIRST PROVISION

The description of the file "Access Control and Stay in Bank of Spain Buildings", which appears in the annex of this Circular, replaces the corresponding description of said file currently contained in Annex II, "Internal or Operational Files", of Circular 2/2005, of 25 February, "Automated Files with Personal Data Managed by the Bank of Spain".

FINAL PROVISION

This Circular shall enter into force on the day of its publication in the Official State Bulletin.

ANNEX

File ACCESS CONTROL AND STAY IN BANK OF SPAIN BUILDINGS [1]

Purpose of the file and intended uses

• Control of the security of the Bank of Spain's buildings, facilities, and assets.

Affected natural persons

• Persons, whether or not they belong to the Bank of Spain's staff, who access areas of its buildings and facilities.

Origin and procedure for collecting personal data

• The data originate from the data subject themselves.
• The data are collected via surveys and interviews, provided by the data subject themselves.
• The medium used for obtaining the data is paper and digitalization of the National Identity Document (DNI) via scanner.
• Recording of images via a closed-circuit television (CCTV) system, stored on digital media.

Basic file structure and types of personal data included

• DNI/NIF.
• Name and surnames.
• Address.
• Telephone.
• Company to which they belong.
• Signature/fingerprint.
• Image of the DNI.
• Personal registration number.
• Image.

Disclosures of personal data

• No disclosures are foreseen.

Transfers of personal data to third countries

• No transfers are foreseen.

File controller

• Bank of Spain.

Service or unit before which the rights of access, rectification, cancellation, and opposition may be exercised

• Security Service.

Security measures

• Level: BASIC.

[1] File incorporated into Annex II of Circular 2/2005, of 25 February.

Back to top