Privacy policy
Basic information on data protection
In accordance with the General Data Protection Regulation of the European Union and Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights, any citizen who provides personal data to the City Council of Córdoba through any of its communication channels (website, electronic headquarters, etc.) is informed that the processing of their data is carried out by the City Council of Córdoba, with its registered office at Capitulares, 1 14071 – Córdoba – Spain. Contact phone number: +34 957 49 99 00.
Data controller
The personal data that may be collected on this Portal directly from the individual will be treated confidentially and incorporated into the corresponding processing activity owned by the City Council of Córdoba, with its registered office at Calle Capitulares, 1; Postal Code: 14071, Córdoba, phone number 957 499 900. The updated list of processing activities currently carried out by the City Council of Córdoba is available at the following link to the record of processing activities.
Data Protection Officer
You can contact or make any inquiries regarding your personal data with the Data Protection Officer of the City Council of Córdoba. The email address of our Data Protection Officer is: delegadodeprotecciondedatos@cordoba.es.
Purpose
The purpose of the data processing corresponds to each of the processing activities carried out by the City Council of Córdoba, in accordance with the regulations established by Regulation (EU) 2016/679 of the European Parliament and Council on the protection of personal data and other applicable provisions, and in compliance with Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights.
Legal basis for processing
The processing of your data may be carried out for the fulfillment of legal obligations, the exercise of municipal public services, a task carried out in the public interest, for the protection of vital interests, the execution of a contract, or to respond to your inquiries and needs within the competencies of the City Council of Córdoba. Additionally, when the purpose of the processing requires your consent, it must be provided through a clear affirmative action.
Data retention
The personal data provided will be retained for the necessary time to fulfill the purpose for which they are collected and, if applicable, to determine any potential liabilities that may arise from the purpose, in addition to the periods established by the applicable archive and documentation regulations.
Security measures
The security measures implemented correspond to those applied as a result of the risk analysis carried out under Article 32 of Regulation (EU) 2016/679. The risk analysis is based on the measures outlined in Annex II (Security Measures) of Royal Decree 311/2022, which regulates the National Security Framework. All this is in accordance with the First Additional Provision. Security measures in the public sector under Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights, as it is a public administration regulated by Article 77.1.
Data recipients
The personal data collected will only be transferred to third parties, if applicable, with prior consent or due to a legal obligation provided for in each applicable regulation.
Rights of individuals
Anyone has the right to obtain confirmation of how their data is being processed by the City Council of Córdoba.
You may exercise your rights of access, rectification, deletion, and portability of your data, as well as restriction and opposition to its processing, and the right not to be subject to decisions based solely on the automated processing of your data, when applicable, by contacting the City Council of Córdoba, C/ Capitulares, 1; Postal Code: 14071 – Córdoba, or via email at delegadodeprotecciondedatos@cordoba.es. You may also file a complaint or claim at any time for the exercise of your rights with the relevant supervisory authority
Record of Processing Activities
According to Article 30 of the GDPR, all organizations responsible for processing are required to maintain a record of processing activities.
