Skip to main content

Privacy Policy

The Tax Agency APP is a mobile application that allows citizens to access and carry out procedures with the State Tax Administration Agency in a simple and agile manner and receive notifications of both new and personal information if they so wish.

The State Agency for Tax Administration distributes the mobile application "Tax Agency" and is responsible for protecting the legal rights and privacy of users. The mobile application provides a section with a legally valid privacy notice and terms of service.

The privacy policy is based on:

  • The request for the data necessary to provide you with the requested services.
  • The processing of personal data in accordance with the provisions of “Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, relating to the protection of natural persons with regard to processing of personal data and the free circulation of these data (General Data Protection Regulation)” and the “Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights” and other regulations of application.
  • The use of cookies to the extent necessary for the correct functioning and display, with a limited duration.

Access to and use of the Tax Agency application grants you the status of User, which implies compliance with and observance of the provisions contained herein, as well as any other legal provisions that may be applicable.

1. Developer information and point of contact.

Developer Name: State Revenue Office

Website: https://sede.agenciatributaria.gob.es

E-mail: supportapp@correo.aeat.es

Address: Tax Information Technology Department - State Tax Administration Agency. Santa Maria Magdalena Street, 16, 28016 Madrid (Spain)

The State Tax Administration Agency is regulated by the Resolution of December 28, 2009, of the Presidency of the State Tax Administration Agency, which creates the electronic headquarters and regulates the electronic records of the State Tax Administration Agency published in the (BOE December 29, 2009).

2. Who is responsible for the processing of the data of the Tax Agency APP User?

The person responsible for processing the data of the APP Agencia Tributaria user is the General Directorate of the State Tax Administration Agency.

Contact details: Infanta Mercedes Street, 37, 28020 Madrid.

3. What data do we process about the User?

The information processed about the User comes from the data that he or she has provided or that is recorded in the State Tax Administration Agency. Some data will be processed or others will depend on the actions carried out from the Tax Agency APP.

As a result of the accesses, the data relating to the person that could be processed in the Tax Agency APP will belong to one or more of the following typologies and will be used exclusively for the purposes of this system, with the purpose of the effective application of the state tax and customs system and will not be transferred to third parties unless expressly indicated or in those cases that comply with article 95.1 of the General Tax Law:

  • Identification or contact data: name, surname, DNI/NIE, Validity date of your DNI (or Issue date if it is a Permanent DNI) or support number of your NIE, Reference Number.
  • Device identification data: operating system, mobile device model.
  • Other identifying data: in the procedures you carry out through the APP. For example, tax information (tax address, IBAN of a bank account, box 505 of Income, tax allocation boxes, submitted returns, tax information, name and surname and ID/NIE of the spouse) or the telephone number or email address for the Appointment.

Additionally, to protect access to the APP, the User must have some user authentication factor configured on the device provided by your operating system: credentials (pattern, code, etc.) or biometrics (fingerprint, facial recognition, etc.).

The APP does not require granting any additional permissions on the device for its operation, although when performing some of the procedures in the APP the following permissions may be requested:

  • If you wish to receive push notifications on your device for alerts you have subscribed to, the APP will request permission to enable notifications.
  • If you want to view or save the PDF document of the operation, the APP will request permission to access the file storage.
  • If you want to check the authenticity of a document sent by the Tax Agency by scanning its QR code, the APP will request permission to access the device's camera.
  • If you want to add an appointment requested by the APP to your calendar, the APP will request permission to access the device's calendar.
  • If you wish to join a video assistance from the APP by accessing a previously agreed video call session in a digital assistance service, the APP uses the Zoom system, which you can request:
    • The microphone and audio permission of the device.
    • The camera permission of the device.
    • Bluetooth permission, only in case you want to connect a device, for example, a Bluetooth headset.
    • Permission to access the device storage, only in case you want to share a file.
    • Permission to manage device calls does not need to be granted.
    • Device location permission does not need to be granted.

You can view the Zoom system privacy statement at https://explore.zoom.us/en/privacy/

The User, depending on the operating system of the device, may grant the above permissions only for this session in the APP, indefinitely or not grant them at all. Additionally, you can grant or disable them at any time from your device settings.

In addition, the following data that is not associated with the User's identifying data is processed:

  • Application Activity: App Interactions, information about how you interact with the App. For example, the number of times you visit a page or sections through Firebase Analytics (service provided by Google, Inc. ). This data is used only for the purposes necessary to obtain statistics that allow us to improve the user experience.
  • Application information and performance: Crash logs, crash log data, and unexpected issues via the Firebase Crashlytics service (service provided by Google, Inc. ). These are data that are used solely for the purposes necessary to resolve problems and provide an early response to incidents.
  • In the event that push notifications from the APP are enabled on the mobile device to receive the requested requests, which is recommended, device IDs or other types: identifiers related to a device for sending push notifications to the mobile device through the Firebase Cloud Messaging service (service provided by Google, Inc. ). This data is used only for the purposes necessary to provide and improve the functions of the application.

      4. How does the Tax Agency APP obtain User data and where does it come from?

      The data is obtained by querying the servers of the State Tax Administration Agency, and these data are those already contained in said servers. Under no circumstances will data be obtained without the User's consent.

      The domains of the servers used to send the data are:

      "sede.agenciatributaria.gob.es", “www.agenciatributaria.gob.es”, “www1.agenciatributaria.gob.es”, “www2.agenciatributaria.gob.es”, “www6.agenciatributaria.gob.es”, “www9.agenciatributaria.gob.es”, “www12.agenciatributaria.gob.es”.

      Once the User accesses the application and accepts the privacy policy and terms of service, if they are registered in Cl@ve, they can activate the device by indicating their DNI or NIE and the validity date of their DNI (or Date of Issue if it is a Permanent DNI) or the support number of their NIE, using an activation code that will be sent to the phone associated with Cl@ve. The Tax Agency APP stores on the device the DNI or NIE that you have entered and the Reference Number of each user you have identified. The User can delete this data from the “delete user” option in the Tax Agency APP.

      Regarding the procedures offered, they are obtained through consultations to the applications of the State Tax Administration Agency and are provided in a similar way from the Electronic Headquarters of the State Tax Administration Agency and from the Tax Agency APP. When accessing these procedures, no data is stored in the Tax Agency APP.

      5. What is the legal basis for the processing of User data?

      The processing of personal data that can be carried out through the Tax Agency APP and the applications of the State Tax Administration Agency that support it, are based on compliance with the provisions of "Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of natural persons with regard to the processing of personal data and the free circulation of these data (General Data Protection Regulation)” and the “Organic Law 3 /2018, of December 5, Protection of Personal Data and guarantee of digital rights” and other applicable regulations.

      In addition, we inform you that the regulations applicable to the services offered from the Tax Agency APP are as follows:

      • Organic Law 3/2018 of 5 December on Personal Data Protection and safeguarding digital rights. Regulation (EU) 2016/679, of April 27, 2016, relating to the protection of natural persons with regard to the processing of personal data and the free circulation of these data (General Data Protection Regulation)
      • Royal Decree 311/2022, of May 3, regulating the National Security Scheme.
      • Law 58/2003, of December 17, General Tax Law and its implementing regulations.
      • Regulations and interpretative criteria.

      6. What and why do we use User data?

      The objective of the Tax Agency APP is to facilitate the relationship between the User and the State Administration Agency, by offering them access and management in a simple and agile way and receiving notifications of news and personal information if they so wish.

      The information and data collected in the Tax Agency APP will be processed solely for the purpose of offering you a personalized service or for the purpose of the effective application of the state tax and customs system.

      7. How long do we store User data?

      The period of conservation of the User's data in the Tax Agency APP will be the time that the device is active with your DNI or NIE in the APP. However, at any time the User can delete the data from the “delete user” option from the Tax Agency APP itself, activating the APP with their DNI or NIE on another mobile device or through the “Management of identified user in the mobile application” management available at the Electronic Headquarters of the State Tax Administration Agency.

      You can consult more information about the data processed through the management applications: Data protection information.

      8. Who has access to the User's data?

      Only the User has access to the User's data from the Tax Agency APP.

      The Tax Agency will only access the data that is strictly necessary in order to resolve incidents or respond to queries made by Users.

      9. What are the User's rights and how can they control their data?

      The regulations grant you a series of rights in relation to the data and information that we process about the User. Specifically, the rights of access, rectification, deletion and portability of data, limitation and opposition to its processing.

      You can consult the information on data protection ( Information on data protection ) and the information to the interested party on data protection in the procedure ( Processing of personal data - General Data Protection Regulation )

      10. How do we protect User data?

      The State Tax Administration Agency guarantees that personal information will be stored and used for the necessary time and only to provide you with personalized services, guaranteeing the security measures required by Royal Decree 3/2010, of January 8, which regulates the National Security Scheme in the field of Electronic Administration. (BOE, January 29, 2010) and Royal Decree 951/2015, of October 23, amending Royal Decree 3/2010, of January 8, regulating the National Security Scheme in the field of Electronic Administration (BOE, November 4, 2015).

      The State Tax Administration Agency has adopted the necessary technical and organisational measures to prevent the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorised communication or access to such data, which may in particular cause physical, material or immaterial damage and harm. The measures adopted take into account the state of technology, the nature of the data and the risks to which they are exposed and are periodically reviewed to ensure their adaptation to new situations or risk scenarios.

      11. Cookie Policy

      The Tax Agency APP uses cookies to the extent necessary for its correct operation and display. Cookies are temporary and under no circumstances are they used to gather personal information.

      12. Privacy Policy Update Date

      Latest update: June 20, 2024.