Advanced Search

Order Def / 704 / 2015, Of 13 Of April, By Which Is Created And Deleted Files Of Data Of Character Personal Of The Subdirectorate General Of Regime Inside Of The Ministry Of Defence.

Original Language Title: Orden DEF/704/2015, de 13 de abril, por la que se crean y suprimen ficheros de datos de carácter personal de la Subdirección General de Régimen Interior del Ministerio de Defensa.

Subscribe to a Global-Regulation Premium Membership Today!

Key Benefits:

Subscribe Now for only USD$40 per month.

TEXT

Organic Law 15/1999 of 13 December on the Protection of Personal Data sets out a set of measures to ensure, and protect, in the treatment of personal data, public freedoms. and the fundamental rights of natural persons, and especially their personal and family honor and intimacy.

Article 20.1 of the aforementioned law determines that the creation, modification or deletion of files of public administrations may be made only by means of a general provision published in the "Official Gazette of the State" or Corresponding official journal. Similarly, the additional provision of this law directs the public administrations responsible for files to approve the provision of the creation of such files.

In the Ministry of Defense, the Subdirectorate General of the Interior Regime manages certain files that were created under Royal Decree 1332/1994, of 20 June, for which certain aspects of the Law are developed Organic 5/1992, of 29 October, regulating the automated processing of personal data, and of Royal Decree 994/1999 of 11 June, approving the Regulation on the security of automatic files which contain personal data.

The entry into force of the Implementing Regulation of the Organic Law 15/1999 of 13 December, approved by Royal Decree 1720/2007 of 21 December, which repeals the aforementioned royal decrees, obliges the Ministry of Defense to adapt these files to the provisions of this regulation.

Finally, this project has been previously reported by the Spanish Data Protection Agency.

In its virtue, I have:

Article 1. Creating files.

The personal data files of the Ministry of Defense's General Subdirectorate General for Interior Regime are created, as described in Annex I to this ministerial order.

Article 2. Deleting files.

The personal data files of the Ministry of Defense's General Subdirectorate General for Interior Regime, listed in Annex II to this ministerial order, are deleted.

Single additional disposition. Data integration.

The person responsible for the files in Annex II will integrate the data contained in these files into the new files created, keeping, properly blocked, the backups that may exist.

Single repeal provision. Regulatory repeal.

All provisions of equal or lower rank that are opposed to the provisions of this ministerial order are repealed.

Single end disposition. Entry into force.

This ministerial order shall enter into force on the day following that of its publication in the "Official State Gazette".

Madrid, April 13, 2015. -Minister of Defense Pedro Morenes Eulate.

ANNEX I

Relation of files with personal data of various organs of the Ministry of Defense's Subdirectorate General of Interior Regime

Security Unit

1. File of the Central Arms Intervention of the Central Authority of MINISDEF.

2. The Access Control file of the MINISDEF Central Headquarters.

3. Personnel Identification File of the Central Authority of MINISDEF.

4. Video surveillance file of the Central Authority of MINISDEF.

General Services Area

5. The MINISDEF Interior Regime SDG Driver Management file.

6. File of the Health Unit of the Central Authority of MINISDEF.

7. File of the Odontological Cabinet of the Central Authority of MINISDEF.

8. Religious Services Control file in the Central Organ of MINISDEF.

Resource Management and Labor Relations Area

9. Work Risk Prevention Service file of the Interior Regime SDG of the MINISDEF.

10. Business Coordination File in the Central Organ of MINISDEF.

11. Civil Personnel file dependent on the Interior Regime SDG of the MINISDEF.

General Secretariat

12. Military Personnel Management file of the Interior Regime SDG of the MINISDEF.

13. File of Social Activities in the Central Organ of MINISDEF.

Security Unit

1. File of the Central Arms Intervention of the Central Authority of MINISDEF.

a) Finality of the file and the intended uses for it: establish a particular arms control for the personnel dependent on the Central Authority of MINISDEF.

(b) Persons or collectives on whom they are intended to obtain personal data or who are obliged to supply such data: military personnel and other authorised personnel.

c) Procedure for the collection of personal data: the data subject himself or his legal representative.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Identifiers: first and last names, NIF/DNI, address, telephone, firma/footprint.

2. º social circumstances: military situation.

3. Job Details: Jobs.

Treatment system: mixed.

e) Data transfers of a personal nature and, where appropriate, data transfers that are provided to third countries: Ministry of the Interior, Directorate General of the Civil Guard.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Security Unit.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28071 Madrid.

h) Security measures with indication of the level required: entry level.

2. Access Control file at the MINISDEF Central Headquarters.

a) Finality of the file and the intended uses for it: access control (internal and external staff) to the facilities of the Central Headquarters of the MINISDEF, in order to ensure security at the site.

(b) Persons or collectives on which personal data are intended to be obtained or which are required to supply data: employees, suppliers and citizens.

c) Procedure for the collection of personal data: the data subject himself or his legal representative.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Identifiers: first and last names, NIF/DNI, telephone, image/voice.

2. º Personal characteristics: nationality.

Treatment system: automated.

e) Data transfers of a personal nature and, where appropriate, data transfers that are provided to third countries: Ministry of Industry, Energy and Tourism.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Security Unit.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28071 Madrid.

h) Security measures with indication of the level required: entry level.

3. Personnel Identification File of the Central Authority of MINISDEF.

(a) Finality of the file and the intended uses for it: to allow the execution of the provisions in the current regulations regarding the system of common identification of the personnel to the service of the Central Authority of the MINISDEF.

(b) Persons or collectives on which personal data are intended to be obtained or which are required to supply data: employees, suppliers and citizens.

c) Procedure for the collection of personal data: the data subject himself or his legal representative.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Identifiers: first and last names, NIF/DNI, address, telephone, image/voice, firma/footprint.

2. º Personal characteristics: nationality.

3. Job Details: Jobs.

Treatment system: mixed.

e) Data transfers of a personal nature and, where appropriate, data transfers that are provided to third countries: Ministry of Industry, Energy and Tourism (Security Area).

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Security Unit.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28071 Madrid.

h) Security measures with indication of the level required: entry level.

4. Video surveillance file of the Central Authority of MINISDEF.

a) Finality of the file and the intended uses for it: recording of images for the management of security in the different headquarters or complexes of the Central Authority of the MINISDEF in charge of the SDG of the Interior Regime of the MINISDEF.

(b) Persons or collectives on which personal data are intended to be obtained or which are required to supply data: employees, suppliers and citizens.

c) Procedure for the collection of personal data: the data subject himself or his legal representative.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Identifiers: imagen/voice.

Treatment system: automated.

e) Data transfers of a personal nature and, where applicable, transfers of data that are provided to third countries: Judicial organs, Forces and Security Corps.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Security Unit.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28071 Madrid.

h) Security measures with indication of the level required: entry level.

General Services Area

5. The MINISDEF Interior Regime SDG Driver Management file.

a) The end of the file and the intended uses for it: identify the Car Service personnel for their location during or for the provision of the work.

(b) Persons or collectives on whom data of a personal nature are intended or required to be supplied: employees and authorised personnel.

c) Procedure for the collection of personal data: the data subject himself or his legal representative.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Identifiers: first and last names, NIF/DNI, address, telephone, other data of an identifying character: driving license.

2. Job Details: Job position, profession.

Treatment system: automated.

(e) Data transfers of a personal nature and, where appropriate, data transfers to third countries: no disposals are foreseen.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Car Service.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28046 Madrid.

h) Security measures with indication of the level required: entry level.

6. File of the Health Unit of the Central Authority of MINISDEF.

a) Finality of the file and the intended uses for it: health care and work health of the staff of the Central Authority of MINISDEF. The intended use is the optimization of the prevention, rehabilitation and development of health studies.

(b) Persons or collectives on whom data of a personal nature are intended or required to be supplied: employees/military/officials, patients (employees and authorised personnel) and persons outside the Ministry of Defense that as an urgent matter may need it.

c) Procedure for the collection of personal data: the data subject himself or his legal representative, private entity.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Data specially protected: health: data derived from acts of gender-based violence; racial or ethnic origin; sexual life.

2. Non-Identifiers: first and last names, telephone, NIF/DNI, address, firm/footprint, Social Security/Mutual Security number, image/voice, health card.

3. ° Personal characteristics: marital status, age, date of birth, gender, family data, place of birth, physical characteristics, nationality, anthropometric characteristics.

4. º social circumstances: housing characteristics, housing; hobbies and lifestyle; military situation; membership of clubs, associations; licenses, permits, authorizations.

5. Job Details: Profession, Jobs, Worker History.

6. Academic and professional: training, qualifications, professional experience.

Treatment system: mixed.

(e) Data transfers of a personal nature and, where appropriate, data transfers to third countries: no disposals are foreseen.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Medical Service.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28046 Madrid.

h) Security measures with indication of the required level: high level.

7. Odontological Cabinet file of the Central Authority of MINISDEF.

(a) Finality of the file and the intended uses for it: medical-dental medical assistance to the staff assigned to the Central Authority of MINISDEF, their first-degree relatives and authorized personnel.

(b) Persons or collectives on whom data of a personal nature are intended or required to be supplied: employees/military officers, first-degree family members of staff assigned to the Authority MINISDEF Central and voluntarily and authorized personnel.

c) Procedure for the collection of personal data: the data subject himself or his legal representative.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Data specially protected: health: data derived from acts of gender-based violence; racial or ethnic origin; sexual life.

2. Non-Identifiers: first and last names, telephone, NIF/DNI, address, firm/footprint, Social Security/Mutual Security number, image/voice, health card.

3. ° Personal characteristics: marital status, age, date of birth, gender, family data, place of birth, physical characteristics, nationality, anthropometric characteristics.

4. º social circumstances: hobbies and lifestyle.

5. Job Details: Profession, jobs.

Treatment system: mixed.

(e) Data transfers of a personal nature and, where appropriate, data transfers to third countries: no disposals are foreseen.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Dental Cabinet.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28046 Madrid.

h) Security measures with indication of the required level: high level.

8. Religious Services Control file in Central Organ of MINISDEF.

a) Finality of the file and the intended uses for it: control of religious services (marriages and baptisms) dispensed to the staff of the MINISDEF and their relatives who require those services.

(b) Persons or collectives on whom data of a personal nature are intended to be obtained or which are required to supply such data: employees/military personnel/officials; family members of military and civilian personnel assigned to MINISDEF.

c) Procedure for the collection of personal data: the data subject himself or his legal representative.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Data specially protected: religion.

2. Identifiers: first and last names, NIF/DNI, address, firma/footprint.

3. Personal characteristics: age, nationality, date of birth, gender, place of birth, marital status, family data.

Treatment system: manual.

e) Recessions of personal data and, where appropriate, transfers of data that are provided to third countries: judicial bodies; public records; organs of the ecclesiastical administration.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Religious Service.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28046 Madrid.

h) Security measures with indication of the required level: high level.

Resource Management and Labor Relations Area.

9. Work Risk Prevention Service file of the Interior Regime SDG of the MINISDEF.

(a) Finality of the file and the intended uses for the file: prevention of occupational risks (PRL) of the staff providing services at the Central Headquarters of the Ministry of Defence or in the peripherals of the SDG Internal arrangements; risk assessments for job risks in safety, hygiene, ergonomics and psychology techniques: management of: accidents/incidents at work, training/information in PRL, personal protective equipment and personnel special sensitivity.

(b) Persons or collectives on which personal data are intended to be obtained or which are required to supply data: employees, citizens or residents and suppliers.

c) Procedure for the collection of personal data: the person concerned himself or his legal representative; other natural persons other than the person concerned or his representative; mutuality or private entity contracted as a supplier of services related to the prevention of occupational risks and with prior authorisation of the data subject.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Data specially protected: health. It is specified that being specially protected can only be used for the legitimate purposes for which it is obtained in relation to the PRL service.

2. Non-Identifiers: first and last names, NIF/DNI, address, telephone, image/voice, number of Social Security/Mutuality, other data of an identifying character: email.

3. Personal characteristics: age, date of birth, sex, anthropometric.

4. Academic and professional: training, qualifications, professional experience.

5. Job Details: Profession, Worker's History, Jobs.

Treatment system: mixed.

e) Data transfers of a personal nature and, where appropriate, transfers of data that are provided to third countries: mutual work and other prevention services. In the event of an accident at work, if the mutuality so requests and is essential for the integrity of the worker.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Workplace Risk Prevention Service.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28046 Madrid.

h) Security measures with indication of the required level: high level.

10. Business Coordination File in the Central Organ of MINISDEF.

a) Finality of the file and the intended uses for it: control of the external companies and their staff, who work or provide services in the headquarters and peripherals in the field of the Interior Regime SDG of the MINISDEF. Management of business coordination as set out in Law 31/1995 of 8 November on the prevention of occupational risks.

(b) Persons or collectives on which they are intended to obtain personal data or which are obliged to supply data: suppliers.

c) Procedure for the collection of personal data: the data subject himself or his legal representative.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Identifiers: first and last names, NIF/DNI/residence card, address, telephone, image, Social Security/Mutuality number, health card, firma/footprint.

2. ° Personal characteristics: date of birth, physical characteristics, age, nationality, gender, place of birth.

3. Academic and professional: professional experience, training, qualifications.

4. Job Details: Profession, job position, worker's history.

5. Business Information: Commercial licenses, activities, and business.

6. Economic, financial and insurance: insurance, civil liability policy.

7. Transactions of goods and services: goods and services supplied by the affected person.

8. º Social Circumstances: Not contemplated.

9. Data Criminal offence: data relating to administrative offences.

Treatment system: mixed.

(e) Recessions of personal data and, where applicable, data transfers that are provided to third countries: they are not foreseen.

f) Body of the Administration responsible for the file: Ministry of Defense, Undersecretary of Defense. Sub-Directorate-General for the Internal Regime. General Affairs Unit.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28046 Madrid.

h) Security measures with indication of the level required: average level.

11. Civil Personnel file dependent on the Interior Regime SDG of the MINISDEF.

a) Finality of the file and the intended uses for it: control of the files: licenses, leave, permits, vacations, high and low medical, disciplinary files of the staff cited.

(b) Persons or collectives on whom data of a personal nature are intended to be obtained or which are required to supply such data: employees, beneficiaries, jobseekers.

c) Procedure for the collection of personal data: the data subject himself or his legal representative; sources accessible to the public.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Data specially protected: health, union membership and data derived from acts of gender-based violence.

2. Non-Identifiers: first and last names, NIF/DNI, address, telephone, image/voice, Social/Mutual Security number, health card, electronic signature, personal registration number, firma/footprint.

3. º Personal characteristics: age, nationality, date of birth, sex, place of birth, marital status, family data, physical characteristics, anthropometric characteristics.

4. º social circumstances: licenses, permissions, authorizations.

5. Academic and professional: training, qualifications, professional experience.

6. Job Details: Worker's history, profession, jobs.

7. Economic, financial and insurance: pension plans, retirement, benefits, benefits, insurance.

8. Transactions of goods and services: compensation/compensation.

9. Data Criminal offence: data relating to criminal and administrative offences.

Treatment system: mixed.

(e) Data transfers of a personal nature and, where appropriate, data transfers to third countries: no disposals are foreseen.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Affairs Unit.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28046 Madrid.

h) Security measures with indication of the required level: high level.

General Secretariat

12. Military Personnel Management file of the Interior Regime SDG of the MINISDEF.

a) Finality of the file and the intended uses for it: management of military personnel of the SDG of Interior Regime and conservation of the historical of the Hojas of Services of the same, during the period of time legally set.

(b) Persons or collectives on whom data of a personal nature are intended or required to be supplied: military/collective insurance beneficiaries.

c) Procedure for the collection of personal data: the data subject himself or his legal representative; official publications, e.g. BOD, BOE.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Data specially protected: health, data derived from acts of gender-based violence.

2. Non-Identifiers: first and last names, NIF/DNI, address, telephone, firma/fingerprint, image/voice, number of Social Security/Mutuality, personal registration number, other data of an identifying character: email, signature electronic, health card.

3. º Personal characteristics: age, nationality, date of birth, sex, place of birth, marital status, family data, physical characteristics, anthropometric characteristics.

4. º social circumstances: licenses, permits, authorizations, military situation.

5. Academic and professional: training, qualifications; professional experience; training; professional associations.

6. Job Details: Non-Economic Payroll Data, Worker History, Profession, Jobs.

7. Economic, financial and insurance.

8. Transactions of goods and services: compensation/compensation.

9. Data Criminal offence: data relating to criminal offences and data relating to administrative offences.

Treatment system: mixed.

(e) Data transfers of a personal nature and, where appropriate, data transfers to third countries: no disposals are foreseen.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. Service Sheets section.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28046 Madrid.

h) Security measures with indication of the required level: high level.

13. File of Social Activities in the Central Organ of MINISDEF.

a) Finality of the file and the intended uses for it: management of the various cultural activities promoted in the field of the Central Authority of MINISDEF and managed by the SDG of Interior Regime.

(b) Persons or collectives on whom they are intended to obtain personal data or who are obliged to supply such data: employees/military officers, citizens or residents, family members participating in the activity.

c) Procedure for the collection of personal data: the data subject himself or his legal representative.

d) Basic file structure and description of the personal data included in the file:

Description of data types:

1. Identifiers: first and last names, NIF/DNI, telephone, signature, other data of an identifying character: electronic mail/federal license/vehicle.

2. º Personal characteristics: age; date of birth; sex.

3. º social circumstances: military situation; membership of clubs.

4. Job Details, Profession, Jobs, Telephone.

5. Transactions of goods and services.

Treatment system: mixed.

(e) Data transfers of a personal nature and, where appropriate, data transfers to third countries: no disposals are foreseen.

f) Body of the responsible file administration: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat.

g) Services or units to which the rights of access, rectification, cancellation and opposition can be exercised: Ministry of Defense. Deputy Secretary of Defense. Sub-Directorate-General for the Internal Regime. General Secretariat. Paseo de la Castellana, 109; 28046 Madrid.

h) Security measures with indication of the level required: entry level.

ANNEX II

Relation of personal data files that are deleted

1. Automated personal identification file on the Central Organ.

2. Automated file for control of visits in the Central Organ.

3. Automated file of the Ministry of Defense's Central Arms Intervention.

4. Medical service file of the Central Authority of the Ministry of Defense.

1. Automated personal identification file on the Central Organ.

Created by ORDER 75/1994, of July 26, which regulates the automated processing files of personal data in the Ministry of Defense.

The information in this file has been included in the "Personnel Identification File of the Central Authority of the Ministry of Defense", referred to in Annex I of this ministerial order.

2. Automated file for control of visits in the Central Organ.

Created by ORDER 75/1994, July 26.

The information in this file has been included in the "Access Control File of the Central Headquarters of the Ministry of Defense", referred to in Annex I of this ministerial order.

3. Automated file of the Ministry of Defense's Central Arms Intervention.

Created by ORDER 75/1994, July 26.

The information in this file has been included in the "Central Arms Intervention File of the Central Organ of the Ministry of Defense", referred to in Annex I of this ministerial order.

4. Medical service file of the Central Authority of the Ministry of Defense.

Created by Order DEF/30 26/2009 of 4 November, creating and deleting files of personal data in the Center of Information Management of the Air Force, in the Medical Service of the Central Organ, in the Institute for Housing of the Armed Forces and in units of the Army of the Earth.

The information in this file has been included in the "File of the Health Unit of the Central Authority of the Ministry of Defense", referred to in Annex I of this ministerial order.