Processing required to comply with regulatory obligations
The legal basis of this processing is the requirement to comply with a legal obligation that is required of us, as laid out in Article 6.1.c) of the General Data Protection Regulation (GDPR).
Therefore, it is necessary for you to establish and maintain Contractual Relations with us. If you object to it, we will need to end these relations, or we cannot establish them if they have not yet started.
The types of processing required to satisfy the regulatory requirements are listed below, arranged from (A) to (D). We will indicate for each of them: a description of the purpose (Purpose), whether or not the processing is carried out jointly with other CaixaBank Group companies (Data Controller/Joint Data Controllers) and data categories processed (Data categories)
A. Processing to comply with anti-money laundering and terrorist financing regulations
Purpose
The purpose of this processing is to adopt the measures imposed on our activity by Law 10/2010, on the Prevention of Money Laundering and Terrorist Financing.
The processing operations that are carried out to comply with anti-money laundering and terrorist financing regulations are:
Data categories
The categories of data we will process for this purpose, the content of which is detailed under heading 5 of our Privacy Policy, ( www.caixabank.com/privacypolicy), are:
Joint data controllers
The following CaixaBank Group companies are joint data controllers in the processing operations that are carried out to satisfy their obligation to prevent money laundering and the financing of terrorism. These companies will be able to share data and use it for the indicated purpose.
B. Processing to comply with tax regulations
Purpose
The purpose of this processing is to adopt the measures imposed on our activity by Law 58/2003 of 17 December, the General Tax Law, and other applicable tax laws.
The processing operations carried out to comply with tax regulations are:
Data categories
The categories of data we will process for this purpose, the content of which is detailed under heading 5 of our Privacy Policy, ( www.caixabank.com/privacypolicy), are:
Data controllers
The following CaixaBank Group companies are joint data controllers in the processing operations that are carried out to comply with tax laws. These companies will be able to share data and use it for the indicated purpose.
C. Processing to comply with obligations arising from sanctions policies and international financial countermeasures
Purpose
The purpose of this processing is to adopt the measures imposed on our activity by the international financial sanctions and countermeasures programmes adopted by the European Union and the Kingdom of Spain.
The processing operations that are carried out to comply with international sanctions and financial countermeasures programmes are:
Data categories
The categories of data we will process for this purpose, the content of which is detailed under heading 5 of our Privacy Policy, ( www.caixabank.com/privacypolicy), are:
Data controllers
The following CaixaBank Group companies are joint data controllers in the processing operations that are carried out to satisfy their obligations arising from international sanctions policies and financial countermeasures. These companies will be able to share data and use it for the indicated purpose.
D. Processing to comply with obligations for granting and managing credit transactions and for consulting and reporting risks with the Bank of Spain's Risk Information Centre (CIRBE).
Purpose
The purpose of this processing is to comply with the measures established for our activity by Law 44/2002, on Financial System Reform Measures; Law 10/2014, of 26 June, on the Regulation, Supervision and Solvency of Credit Institutions, and other regulatory principles and obligations on responsible lending.
The processing operations that are carried out to comply with our obligations involving credit operations are:
Data categories
The categories of data we will process for this purpose, the content of which is detailed under heading 5 of our Privacy Policy, ( www.caixabank.com/privacypolicy), are:
Data controllers
The following CaixaBank Group companies are joint data controllers in the processing operations that are carried out to satisfy their obligations for the granting and management of credit transactions and the consultation and disclosure of risks to the Bank of Spain's Risk Information Centre (CIRBE). These companies will be able to share data and use it for the indicated purpose.
You will find the list of companies that process your data, as well as the essential aspects of the joint data controller agreements at: www.caixabank.es/empresasgrupo.