In accordance with Art.13 and 14 of the Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter GDPR), we inform you that the personal data of personnel providing services in the Ministry will be processed by the Undersecretariat of the Ministry of Youth and Childhood for the purpose of enabling and ensuring access control to the Ministry's information assets. They will also be processed by the Division of Technology and Information Services, in their capacity as data controller in the exercise of assigned competences (Royal Decree 211/2024, of February 27, which develops the basic organic structure of the Ministry of Youth and Childhood).
Additionally, detailed information is provided below about the specific data processing carried out by the Undersecretariat to facilitate the management of data in relation to access control of departmental personnel to information assets.
- Who is responsible for processing your data?
Data Controller - Division of Technology and Information Services
Unit of the Undersecretariat of Youth and Childhood
C/Alcalá 27, 28014, MADRID.
divisiontic@juventudeinfancia.gob.es- What are the contact details of the Data Protection Officer?
Data Protection Officer - Undersecretary of Youth and Childhood
C/Alcalá 27, 28014, MADRID.
dpd@juventudeinfancia.gob.es- Who are the data subjects?
All personnel providing services at the Ministry of Youth and Childhood, permanently or temporarily, including external provider personnel.
- What data will we process about the data subject?
The minimum and essential identification data to fulfill the purpose of processing, and to ensure access control and security of the Department's information assets. That is, data such as NIF, name and surname, email address, user identification, equipment identification, IPs, public key of the electronic certificate, etc.
- For what purpose will the Undersecretariat of Youth and Childhood process your data?
In the Undersecretariat of Youth and Childhood, we will process the personal data of personnel serving the Department to enable and ensure access control to the Ministry's information assets (information, services, and systems), authentication, permissions, action traceability, auditing, etc.
- How long will my data be retained in the systems of the Undersecretariat of Youth and Childhood?
The data will be retained for as long as necessary to fulfill the purpose for which they were collected, subject to the provisions of the regulations on archives and documentation.
This period will never exceed one year after the person stops providing services in any of the Department's units.
- What legitimizes the Undersecretariat of Youth and Childhood to process your data for the indicated purposes?
The processing of your data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Undersecretariat of Youth and Childhood (Article 6.1.e of the GDPR), and it is necessary to comply with a legal obligation to which the Undersecretariat of Youth and Childhood is subject as a controller of these data (Article 6.1.c of the GDPR) through the following regulations:
- Law 39/2015, of October 1, on the Common Administrative Procedure of Public Administrations.
- Law 40/2015, of October 1, on the Legal Regime of the Public Sector.
The data processed for the indicated purpose are the minimum necessary to meet the objective of the processing.
- To whom will my data be communicated?
The mentioned data will be subject to processing or transfer to the departmental units that are competent due to the subject matter (Royal Decree 211/2024, of February 27, which develops the basic organic structure of the Ministry of Youth and Childhood), as well as other units, departments, agencies, or autonomous bodies competent in the matter and upon request (Spanish Data Protection Agency, CCN, judicial bodies, etc.).
- Will my data be transferred internationally?
No transfer to third countries or international organizations is foreseen without the express consent of the data subject, except in legally provided cases.
- What are your rights when you provide us with your personal data?
- Anyone has the right to obtain confirmation as to whether or not personal data concerning them is being processed at the Undersecretariat of Youth and Childhood.
- Data subjects have the right to access their personal data, as well as to request the rectification of inaccurate data.
- In certain circumstances and for reasons related to your particular situation, which must be motivated and attached to the request, you may object to the specific processing of your data based on Article 21 of the GDPR. In other words, the exercise of the right to object must be accompanied by an expression of its cause so that the General Directorate of Youth and Childhood evaluates the reasons given, since absolute opposition could be understood as the revocation of a consent that has not been given as this is not the legal basis of the processing. The Undersecretariat of Youth and Childhood will cease processing your data unless there are compelling legitimate grounds for processing that prevail over your interests, your rights, and your freedoms, or for the establishment, exercise, or defense of legal claims.
- You may request the limitation of processing your personal data when:
- You challenge the accuracy of these, and during the time that allows the Undersecretariat of Youth and Childhood to verify their accuracy.
- You request us to retain them when they are no longer necessary for the purpose for which they were collected and prior to their deletion by the Undersecretariat of Youth and Childhood, in which case we will only retain them for the establishment, exercise, or defense of claims.
- Once you have requested the exercise of your right to object to the processing, while verifying whether the reasons of the Undersecretariat of Youth and Childhood for processing your data are legitimate, and therefore prevail over yours.
- You can exercise these rights by submitting a request to the Undersecretariat of Youth and Childhood through this form, or in person through the network of assistance offices for records using this application model (editable and printable version).
- Furthermore, you can file a complaint with the Spanish Data Protection Agency if you believe satisfaction has not been obtained in exercising your rights, either through their web form (Spanish Data Protection Agency's Complaint Form), or in person at C/ Jorge Juan 6, 28001 MADRID.
- What security measures are applied?
The security measures implemented correspond to those provided in Appendix II (Security Measures) of Royal Decree 311/2022, of May 3, regulating the National Security Scheme in the field of Electronic Administration, and are described in the documents that make up the Ministry's Information Security Policy.
Automatically translated with OpenAI from Spanish