Audit
Article 6(1)(c) GDPR: processing is necessary for compliance with a legal obligation to which the controller is subject:
- Royal Legislative Decree 1/2010, of 2 July, which enacts the consolidated text of the Spanish Corporate Enterprises Act.
Article 6(1)(f) GDPR: processing is necessary for the purposes of the legitimate interests pursued by the controller.
(*) Foreigner identification number, passport number or residence card number
(**) Manual or electronic.
Security measures corresponding to Schedule A of UNE-EN/IEC 27001 - Information Security Management Systems.
- Spanish state-owned industrial holding company (SEPI).
- Courts of Justice.
- Spanish Court of Audit.
- General intervention of the National Government