Skip to main content
Information for the interested party on data protection

5. Record of processing activity

Article 30 of Regulation (EU) 2016/679 that the controller shall keep records of processing activities carried out under its responsibility. This record must contain all the information indicated below:

  1. the name and contact details of the controller and, where applicable, of the joint controller, the controller's representative and the data protection officer;
  2. the purpose of the data processing;
  3. a description of the categories of data subjects and the categories of personal data;
  4. the categories of recipients to whom the personal data have been or will be disclosed, including recipients in third countries or international organisations;
  5. where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1), documentation of appropriate safeguards;
  6. where possible, the expected timeframes for deletion of the different categories of data;
  7. where possible, a general description of the technical and organisational security measures referred to in Article 32(1).

Furthermore, Public Administrations must make public the inventory of their processing activities, which will be accessible by electronic means, as established in article 31.2 of Organic Law 3/2018, of December 5, on the Protection of Personal Data and the guarantee of digital rights.

Please note that the Tax Agency acts as the controller of all the processing specified in RAT except for the following processing in which it acts as the data processor:

  • treatment 5.5 Integrated Collection System only in the case of non-tax debts managed by Ministerial Departments 
  • treatment 5.13 Registration of the Identification System Cl@ve
  • treatment 5.7 Neutral Point Embargoes

In application of the above, the personal data processing activities carried out by the Tax Agency are listed below.

  1. 5.1. Census
  2. 5.2. Partners, participants, representatives
  3. 5.3. Presumptive/non-filing taxpayers
  4. 5.4. Requirements
  5. 5.5. Integrated collection system
  6. 5.6. Resources, claims
  7. 5.7. Neutral Point Embargoes
  8. 5.8. Payments to suppliers of CCAA and EELL
  9. 5.9. Procedural Files
  10. 5.10. Non-procedural files
  11. 5.11. People Require Information Courts
  12. 5.12. CDC - Citizens
  13. 5.13. Cl@ve Identification System Registration
  14. 5.14. Inheritance and Donations
  15. 5.15. Documents and Writings
  16. 5.16. Non-established VAT refund
  17. 5.17. Sanctions
  18. 5.18. Representation
  19. 5.19. Customs Surveillance Information Database
  20. 5.20. Penalties, surcharges and interest
  21. 5.21. Notifications, communications and notices from the AEAT
  22. 5.22. AGE Notifications and Communications
  23. 5.23. Document management of the AEAT
  24. 5.24. AEAT mobile applications
  25. 5.25. Registry entries
  26. 5.26. Assistance to taxpayers
  27. 5.27. VRU
  28. 5.28. Inspector Procedure
  29. 5.29. Notes
  30. 5.30. Inspection sheets
  31. 5.31. Foreign trade declarations
  32. 5.32. Foreign trade authorizations
  33. 5.33. Foreign trade guarantees
  34. 5.34. Trademark protection
  35. 5.35. Single customs window
  36. 5.36. VAT refund to non-resident travelers
  37. 5.37. Smuggling
  38. 5.38. Reviews
  39. 5.39. Accounting
  40. 5.40. Registration of border workers at the Customs and Excise Administration of La Línea de la Concepción
  41. 5.41. Prometheus
  42. 5.42. Census of economic activities
  43. 5.43. Special Tax on Certain Means of Transport.
  44. 5.44. Exemptions from excise duty on certain means of transport
  45. 5.45. Additional information
  46. 5.46. Census of those liable for special taxes
  47. 5.47. Excise duties, production documents
  48. 5.48. Census and management of subsidized diesel offenders
  49. 5.49. Excise duties - Intervention sheets
  50. 5.50. Excise duties - Guarantees
  51. 5.51. Excise duties - Tax marks
  52. 5.52. Management of the hydrocarbon retailers census (IVMDH)
  53. 5.53. Special Taxes. Payments with checks and cards for discounted diesel fuel
  54. 5.54. Census of operators obliged to pay environmental taxes
  55. 5.55. Informative Statements and information received
  56. 5.56. Information exchange
  57. 5.57. IRPF (Personal Income Tax)
  58. 5.58. VAT (Value Added Tax)
  59. 5.59. IS (Corporate Tax)
  60. 5.60. IRNR (Non-resident income tax)
  61. 5.61. Special regime for telecommunications, broadcasting or electronically provided services (MOSS)
  62. 5.62. VAT exemption and refund for embassies, international organizations and NATO
  63. 5.63. Self-assessment
  64. 5.64. Wealth Tax
  65. 5.65. Collection of fees that constitute resources of the Public Treasury
  66. 5.66. Cash movements
  67. 5.67. Intervention of Means of Payment
  68. 5.68. Money laundering report
  69. 5.69. Customs chemical-technological laboratory bulletins
  70. 5.70. Drug Precursors
  71. 5.71. Customs and Excise Inspection Procedure
  72. 5.72. Expanded Customs Census
  73. 5.73. Signing officials of the AEAT
  74. 5.74. Access record
  75. 5.75. Video surveillance of customs facilities
  76. 5.76. AEAT staff and provision of positions
  77. 5.77. Selection processes and incorporation into the AEAT
  78. 5.78. Training
  79. 5.79. Disciplinary proceedings, administrative appeals and monitoring of judicial proceedings
  80. 5.80. Compatibility files
  81. 5.81. Health surveillance data management
  82. 5.82. User census
  83. 5.83. Visits and staff from the AEAT and service companies
  84. 5.84. Video surveillance
  85. 5.85. Intrastat operators
  86. 5.86. Third party census
  87. 5.87. Economic and Financial Management
  88. 5.88. Third parties
  89. 5.89. Supplier Contacts
  90. 5.90. Patrimonial Responsibility
  91. 5.91. Renouncing inheritance
  92. 5.92. AEAT Action Plan against SARS-COV2
  93. 5.93 Registry of Operators of High-Speed Pneumatic and Semi-Rigid Vessels
  94. 5.94 Recordings related to collaborative video calling tools
  95. 5.95. Access control by fingerprint recognition
  96. 5.96. Recordings of CRA calls
  97. 5.97. Authentication of the Cl@ve PIN Identification System
  98. 5.98. Newsletter Subscription
  99. 5.99. Internal reporting system on regulatory violations and fight against corruption