Skip to main content
Information to the interested party on data protection

3.2. Data Protection Officer

Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, relating to the protection of natural persons with regard to the processing of personal data and the free circulation of these data and by which Directive 95/46/EC, General Data Protection Regulation, is repealed, providing that those responsible and in charge of processing personal data must appoint a Data Protection Officer in the cases that the Regulation itself establishes, as well as in other cases. in which the legislation of the Member States also considers it mandatory.

Among the cases that require the designation of a Delegate is that in which “the treatment is carried out by a public authority or body”, both in the capacity of data controller and in the capacity of data processor (article 37.1.a). The role of the Delegate in organizations is to inform, advise, supervise and cooperate with the supervisory authority, as well as be the point of contact for interested parties.

The Tax Agency has a Tax IT Security and Control Commission created by the Resolution of January 26, 1998 of the Presidency of the State Tax Administration Agency, which created sectoral security and control commissions in all areas and regulated the composition, functions, operating rules and monitoring of the actions of the sectoral commissions.

The Tax IT Security and Control Commission is the collegiate body in charge of analyzing and evaluating risks, establishing and keeping updated the general criteria and guidelines on the use of tax and non-tax information managed by the Tax Agency to guarantee privacy. and information security, as well as agreeing and implementing measures to improve and reinforce security and control systems.

The Tax IT Security and Control Commission directs and verifies the adaptation plan of the Tax Agency to the new Regulation. Among the decisions adopted by said Commission within the scope of the adaptation plan is that of appointing as Data Protection Delegate the secretary of the Tax IT Security and Control Commission who, to develop In his work, he will have the support of the Commission itself to cover all the functions required of him in that position.

This decision has subsequently been ratified with the approval of the Steering Committee of the Tax Agency and communicated to the Spanish Data Protection Agency, complying with the legal requirement contained in the General Data Protection Regulation.

Contact details:

Data Protection Delegate of the Tax Agency

Calle Santa María Magdalena, 16, 28016 Madrid

dpd@correo.aeat.es