Data protection

Subtítulo sit amet consectetur adipiscing elit.

Administrador de Infraestructuras Ferroviarias (Railway Infrastructure Manager)
Article 18.4 of the Spanish Constitution requires the legislator to limit the use of information technology in order to guarantee the honour, the personal and family privacy of citizens and the legitimate exercise of their rights. Thus the right to the protection of personal data has become a fundamental right of all citizens.

European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and to the free flow of such data (GDPR).

Records of data processing activities

In accordance with Article 31.2 of Spanish Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights, we at Adif, in our capacity as Data Controller, or where appropriate, Data Processor, and within the proactive responsibility measures that we are implementing, we publish on our website all personal data processing activities carried out, including, among other information, who processes the data, for what purpose and what legal basis legitimises the processing.

Information clauses

As per the principles of transparency, communication and information to the interested party established by the European General Data Protection Regulation (GDPR) and the Spanish Organic Law on Data Protection, and with the purpose of informing interested parties in a clear, concise and easily accessible manner, both regarding the conditions of the data processing and the responses to the exercise of their rights, we at Adif publish the following information clauses on our website regarding our records of data processing activities.

Rights of interested parties

ADIF has, where appropriate, the duty to guarantee that data subjects can exercise their rights of access, rectification, erasure, objection and restriction, in accordance with Articles 15 to 21 of European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free flow of such data (GDPR).

Requests to exercise data rights

The data subject shall directly exercise the rights of access, objection, rectification, erasure and restriction of their personal data before the data controller through the corresponding request forms.

Such request forms shall be available in all departments or addresses where data rights may be exercised, as well as online in the following sections of Adif's website: "About Adif" section, "Transparency" section.

Modelo de solicitud para el ejercicio de los derechos del interesado
Formulario de solicitud del derecho a la ... download file type and size(PDF, 1.9 MB)

Right to information

Basic information on data protection. To access any of the services offered through the website www.adif.es, users must first provide some personal data. In accordance with the provisions of European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 (GDPR), we inform data subjects that any personal data provided will be processed by ADIF for the purpose of enabling access to the services offered through the website www.adif.es. The legal basis for processing personal data is public interest or the exercise of public powers. No data will be transferred to third parties, unless legally required.

ADIF, as data controller, will adopt the necessary technical and organisational measures to ensure the security of the personal data provided, thus avoiding its alteration, loss, and unauthorized processing or access. ADIF will process personal data in accordance with the conditions set forth in this section and with the specific conditions of the corresponding service.

Also, users may exercise their rights of access, rectification, erasure, objection and restriction before ADIF in the manner provided by law, by sending their request to the following addressess: dpd.adif@adif.es or by post to 3, Sor Ángela de la Cruz Street, 7th floor, Madrid 28020 –with a copy of the data subject's ID card or passport.
 

You can exercise your data rights by sending a written communication to the "Data Controller" whose contact details can be found in the section "Who is responsible for the processing of your personal data?" Likewise, you can contact our Data Protection Officer if you wish to clarify any aspect related to the processing of your data, on the following e-mail address: dpd.adif@adif.es

In the event that you are not satisfied with the response provided by ADIF regarding your data rights, you may file a complaint with the Spanish Data Protection Agency (www.agpd.es) or any other supervisory authority competent in terms of data protection in the European Union.