Data Protection

Subtítulo sit amet consectetur adipiscing elit.

Administrator of Rail Infrastructures
Article 18.4 of the Spanish Constitution states that the law shall limit the use of data processing in order to guarantee the honour and personal and family privacy of citizens and the full exercise of their rights. Accordingly, all citizens have a fundamental right to the protection of their personal data.

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 governs the protection of natural persons with regard to the processing of personal data and the free movement of such data (GDPR).

Adif processing activity registry

In accordance with article 31.2 of Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD), Adif, in its capacity as Responsible party, or where appropriate those in charge of the processing, and within the proactive responsibility measures that we are implementing, we publish on our website the inventory of the personal data processing activities that we carry out, identifying, among other information, who processes the data, for what purpose and what legal basis legitimizes the processing.

Informative clauses

Framed within the principle of transparency, communication and information to the interested party established by both the European Data Protection Regulation (GDPR) and the Organic Law on Data Protection (OLDP), and in order to inform the interested parties in a clear, concise, easily accessible way, both with regard to the conditions of the processes that affect them and in the responses to the exercise of rights, at Adif we publish the following informative clauses on our website in relation to our records of processing activities.

Rights of data subjects

In accordance with Articles 15 to 21 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April, 2016, on the protection of natural persons with regard to the processing of personal data and the free movement of such data (GDPR), ADIF has the duty to guarantee the rights of natural persons to access, rectify, erase, object to and restrict the processing of their data.

Request to exercise rights

The affected party will directly exercise the rights of access, opposition, rectification, deletion and limitation of their personal data against the person responsible for the file through the corresponding application forms.

Such requests will be available in all departments or addresses where rights can be exercised, as well as at the following addresses: Adif website, "About Adif" section, "Transparency" section.

Modelo de solicitud para el ejercicio de los derechos del interesado
Formulario de solicitud del derecho a la ... download file type and size(PDF, 1.9 MB)

Right to information

Basic information about data protection. To access any of the services offered through the website www.adif.es, users must first provide some personal data. In accordance with the provisions of European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 (GDPR), we inform data subjects that any personal data provided will be processed by ADIF for the purpose of enabling access to the services offered through the website www.adif.es. The basis that legitimizes the processing of personal data is the public interest or the exercise of public powers. No data will be disclosed to third parties, except for legal obligations.

Adif, as the party responsible for processing personal data, shall adopt all the technical and organisational means required to ensure the safety of all personal data provided, avoiding any altering, loss and unauthorised processing of, or access to said data. ADIF shall process these data in accordance with the conditions specified in this section and pursuant to that which is set forth in the specific conditions of the service in question. 
 
The interested party may exercise their rights of access, rectification, erasure, objection, restriction of processing and portability before the Data Controller, in accordance with Articles 15 to 21 of the General Data Protection Regulation, by sending their request to ADIF, at the following postal address: Avenida Pio XII, 97 bis, 28036, Madrid, including a photocopy of their ID or passport.
 

You may exercise these rights by sending a written request to the "Data Controller", whose contact details you will find in the section "Who is responsible for processing your personal data?". If you wish to clarify any aspect related to the processing of your data, you may contact our Data Protection Officer at the following email address: dpd.adif@adif.es

If you are not satisfied with the response from ADIF regarding the exercise of your rights, you may file a complaint with the Spanish Data Protection Agency (www.agpd.es) or with any other supervisory authority for data protection in the European Union.