• Home
  • Privacy policy

Privacy policy

This Privacy Policy will help you make decisions on the data you may provide through the website www.bde.esAbre en nueva ventana and/or any other site accessed through that domain (henceforth, the “Website”), as well as through any other medium or form provided for such purpose.

We therefore recommend you read it carefully.

What information is covered by this Privacy Policy?

This Privacy Policy tells Users how Banco de España collects, processes and protects the personal data Users provide through the forms available on its Website, browsing data and any other data that Users may provide through any other format or medium.

Users must carefully read this Privacy Policy, which has been written in a clear and simple style so it can be easily understood, and determine freely and voluntarily whether they wish to provide their personal data to Banco de España, through the various channels created for that purpose.

Users providing data from a third party must state that they have the third party's consent and agree to convey the information contained in this Privacy Policy to the party concerned, the data subject, while exempting Banco de España from any liability in this regard. However, Banco de España may check this itself using the corresponding due-diligence measures, in accordance with data protection regulations.

Who is the data controller for your personal data?

The data controller responsible for processing the personal data provided by Users is BANCO DE ESPAÑA, with Tax Identification Code (CIF) Q2802472G, registered office at Calle Alcalá no. 48, 28014, Madrid, Spain and telephone 913 385 000.

Users can contact Banco de España’s Data Protection Officer using the following contact formAbre en nueva ventana, or by writing to Banco de España at the above address, for the attention of the “Delegado de Protección de Datos”.

Why will your data be processed?

Personal data provided to Banco de España will be processed for the following purposes:

  • Processing requests for starting procedures through the forms provided on the website, as well as processing applications submitted via the Electronic Register.
  • Processing claims, complaints and consultations made against banks supervised by Banco de España regarding transparency and customer protection.
  • Processing requests for access to public information.
  • Managing the hiring processes of Banco de España, or organisations attached to Banco de España.
  • Managing the awarding of Banco de España’s scholarships, research studies, grants and Programmes of Excellence in Education and Research.
  • Managing Banco de España’s Library service.
  • Managing subscriptions to the various news feeds, publications, calls for bids, regulations, services and, in general, any new content published on the Banco de España website and related websites.
  • Managing relations with Banco de España's suppliers.
  • Preparing statistical reports on Users’ access habits and activities, in accordance with the Cookies Policy.
  • Providing training on the subjects for which Banco de España is an authority.
  • Complying with other legal obligations or tasks in the public interest or in the exercise of legally established public powers.

What is our legal basis for processing your personal data?

Depending on the specific purpose, the legal basis for Banco de España to process Users’ data will be:

  • Compliance with a legal obligation or performance of a task carried out in the public interest or the exercise of public powers conferred upon Banco de España in cases where such processing leads to the exercise of the responsibilities and functions legally attributed to Banco de España. In general, Banco de España processes personal data as needed for compliance with its legal obligations or the exercise of the responsibilities conferred, among others, by the following regulatory Laws:
    • Law 13/1994, of 1 June, on the Autonomy of Banco de España.
    • Law 44/2002, of 22 November, on Financial System Reform.Law 10/2014, of 26 June, on the organisation, supervision and solvency of credit entities.
    • Royal Decree-Law 19/2018, of 23 November, on payment services and other urgent financial measures.
  • The existence of a contractual or precontractual relationship, in cases where data processing leads to the existence of contractual relationships or the provision of services.
  • The Users’ consent, in cases where it is required, such as when the processing is due to the interested party subscribing to an information channel. This consent may be withdrawn at any time, although its withdrawal will not affect the legality of processing done before that time.

Where will your personal data be sent?

Unless expressly indicated, the processed data will be shared with third parties only if legally required.

Notwithstanding the above, your personal data may be communicated to companies that provide services to Banco de España, solely for the purposes stated above.

The recipients stated in this section may be located within or without the European Economic Area, and international data transfers will be duly lawful in the latter case.

How long will your personal data be kept for?

Users’ personal data will be retained for the time necessary for the purpose for which it was collected and to determine the possible liabilities that may arise from that purpose and the processing of the data. In legally established cases, Spanish regulations on archives and documentary heritage will apply.

What rights do the data protection regulations give you?

Users may send a written document signed by the data subject, attaching in all cases a copy of their Spanish National Identity Document or equivalent document proving their identity and specifying the right or rights they wish to exercise, via this contact form for the exercise of rightsAbre en nueva ventana or to the “Delegado de Protección de Datos” at Calle Alcalá no. 48, 28014, Madrid, Spain, for:

  • Revoking the consent given.
  • Obtaining confirmation as to whether or not Banco de España is processing personal data concerning the User.
  • Accessing their personal data.
  • Correcting inaccurate or incomplete data.
  • Requesting the deletion of their data when, among other reasons, the data are no longer necessary for the purposes they were collected for.
  • Requesting that Banco de España restrict data processing when any of the conditions provided for in the data protection regulations are met.
  • Requesting the portability of their data.

The party concerned may also bring a claim before the Spanish Data Protection Agency, should they believe that Banco de España has violated their rights recognised by applicable data protection regulations.

Without prejudice to the above, the party concerned may contact Banco de España’s data protection officer using this contact formAbre en nueva ventana.

Is it compulsory to provide your personal data?

The data requested in the forms on the Website are generally required for the stated purposes unless otherwise specified in the required field. Therefore, if such data are not provided or are provided incorrectly, it will be impossible to fulfil the above-mentioned purposes, without prejudice to the possibility that the content of the Website may be freely displayed.

Users shall accordingly assume any possible liabilities and responsibilities that may arise from any excessive or inappropriate data that they voluntarily decide to provide to Banco de España.

How are your personal data protected?

Users’ data shall be processed in absolute confidence at all times, in compliance with the mandatory duty of secrecy and under the provisions set out in the applicable regulations, with the necessary technical and organisational measures adopted for these purposes for guaranteeing the security of those data and preventing them from being subject to any alteration or loss or unauthorised processing or access, taking into account the latest technology, the nature of the stored data and the risks to which they are exposed.

What are your responsibilities in relation to the data you provide?


  • Guarantee that the data they provide to Banco de España are true, accurate, complete and up-to-date. For these purposes, Users shall be responsible for the truthfulness of all the data communicated and shall keep the information they provide up-to-date, so as to reflect their actual situation.
  • Users shall be responsible and liable for any false or inaccurate information that they provide through the Website and for any damages, direct or indirect, that they cause Banco de España or third parties.

Banco de España will ensure the appropriate use of the personal data of minors, guaranteeing compliance with the laws applicable to them, using all the measures that may reasonably be expected. Notwithstanding the above, Banco de España accepts no liability for personal data provided by minors below the minimum age to be able to consent to the processing of their own personal data, without the previous consent of their parents, guardians or legal representatives, as set forth by applicable law.

Last update: February 2019

© Banco de España. All rights reserved