5.74. Access record
Description of the activity
Record for subsequent audit and comparison, if necessary, of the accesses and actions carried out by both citizens and internal users who access the services and information systems made available to them.
Purpose
Effective implementation of the state tax and customs system.
Internal management and administration of the AEAT.
Legitimation
Article 6 of Regulation 2016/679 (EU), relating to the legality of the treatment, in this case in section 1, letter e) which states that “The treatment will be lawful if the least one of the following conditions: (…) c) the treatment is necessary for the (…) exercise of public powers conferred on the person responsible for the treatment (…)”.
For its part, article 95 of 58/2003, of December 17, General Tax Law establishes the confidential nature of data with tax significance, and in its point 3 states “The tax administration will adopt the necessary measures to guarantee the confidentiality of tax information and its proper use.”
Interested parties
- Users
- Taxpayers
Details
- NIF/DNI, Name and Surname, IP Address
- Record of actions carried out on the different assets that make up the AEAT Information System
- Queries and modifications made to taxpayers, as well as information on user behavior in information systems
Treatments
- Collection
- Record
- Storage
- Structuring
- Modification
- Update
- Copy
- Analysis
- Enquiry
- Extraction
- Promotion
- Interconnection
- Limitation
- Suppression
- Destruction
- Other
Recipients
Other public administrations
International transfers
Not foreseen
Profiling
Does not apply
Technical/organizational measures
All data processed has been evaluated through a risk analysis, obtaining the list of technical and organizational measures to be applied.
These measures have been applied in accordance with the approved adaptation plan.