The Ministry of Foreign Affairs, European Union and Cooperation (MFA) undertakes to comply with the applicable regulations on personal data protection. Therefore, and in application of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter, the General Data Protection Regulation or "GDPR"), Law 3/2018, Organic Law on Personal Data Protection and Guarantee of Digital Rights, as well as the implementing regulations that may derive from the above, you are hereby informed of certain aspects relating to the processing of your data that we will carry out as a result of your browsing our website, as well as the rights that you hold.
1. Who is responsible for the processing of your data?
The controller is the Ministry of Foreign Affairs, European Union and Cooperation (MFA). (Plaza de la Provincia, 1, 28012 Madrid, Spain).
To ensure due compliance with data protection regulations, a Data Protection Officer (DPO) has been appointed to carry out duties across the MFA as a whole. You may contact the DPO via email at dpd@maec.es.
2. How is your personal data obtained?
The data processed by the MFA has been obtained from you, through the various forms you have completed while browsing the website.
3. For what purposes are your personal data processed and under what legal basis?
The processing, in accordance with applicable regulations, is based on your express consent, given at the time of collection of the personal data that you voluntarily provide to us through the mechanisms enabled on the website.
The processing of your personal data is for the purpose of managing, providing, expanding and improving user services, managing the information provided in job vacancies, disseminating information relating to the MFA and following up on queries raised by users.
4. What is the MFA's legal basis for processing your data?
The basis for the processing of your personal data lies in the development and execution of the relationship formalised with you, which is detailed in this Policy, your consent, and the MFA's compliance with legal obligations.
5. What type of personal data is processed?
The personal data processed by the MFA is that which you have provided through the appropriate forms used to offer you our services. This data may include, for example, your name, surname, national identity card number, address or contact email address.
6. To whom is your personal data disclosed?
The personal data processed by the MFA for the purposes detailed above and to provide the proper service to citizens may be disclosed to other Public Administration bodies.
7. For how long will your data be stored?
Your personal data will be retained until you withdraw your consent to its processing. In any case, you are hereby informed that the MFA carries out personal data deletion procedures in accordance with the legally established retention periods.
8. What are your rights regarding the processing of your data?
Data protection regulations grant you a series of rights regarding your personal data that you may exercise during the processing of such data. These rights are as follows:
- Right of access: To know what type of data is being processed by the MFA and the characteristics of such processing.
- Right to rectification: To request the modification of your data if it is inaccurate or out of date.
- Right to data portability: To obtain a copy in an interoperable format of the data being processed, in order to provide it to another data controller.
- Right to restriction of processing: To restrict the processing of your data, provided that such a request is covered by the cases set out in the applicable regulations.
- Right to erasure: To request the deletion of your data when processing is no longer necessary.
- Right to object: To request the cessation of the sending of informative communications under the terms described above.
- Right to lodge a complaint with the supervisory authority: In Spain, this entity is the Spanish Data Protection Agency (AEPD).
These rights may be exercised by post or email, using the contact details indicated at the beginning of this clause, providing proof of your identity as the owner of the data on which you are exercising the request, or at any of the locations established in Article 16.4 of Law 39/2015, of 1 October, on the Common Administrative Procedure of Public Administrations.