Privacy Policy

Please read this privacy and data protection policy carefully as users of the application It works, where you can find all the information about the data that is collected about you, how it is used and what control you have over it, as established, Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights.

The privacy policy applies to the mobile app:

• App Works v 2.0 and later for Android.
• App Works v 2.0 and later for iOS.

The person responsible for the processing of your data as a user of Functions is:

• Name of responsible body: General Secretariat of Digital Administration (hereinafter, the SGAD).
• Direction: C/ Del Marble nº2, 28005
• Data Protection Officer: dpd@mineco.es
• Direction DPD: Paseo de la Castellana, 162 - 28046 Madrid.

The unit responsible for the Authentic Service is the General Secretariat of Digital Administration (SGAD), a governing body attached to the Secretary of State for Public Service of the Ministry for Digital Transformation and Public Service.

The information we process about you will depend on the use you make from It Works.

The data relating to your person that could be processed in Functions will be obtained from Authentic Or they will be provided by you, and will belong to one or some of the following typologies:

• Data of an identifying or contacting nature:
  • Name and surnames
  • NIP
  • Charge/Position
  • Ministry of Education
  • Centre of Management
  • Destination Centre
  • Location
  • Province
  • Email address:
  • Telephone number:
• Data of the duty station:
  • Direction of work
  • Cod. Postcard
  • Email address:
  • Telephone number
• Professional/work data that may contain personal information, including:
  • Remuneration/payroll
  • Professional Record
  • Registration documents
  • Pension plans
  • Statements
  • Reports
  • Certificates IRPF
  • Curriculum Vitae (CV)
  • RCP files
• Personal data of the person responsible
• Data of the manager
• Bank details
• Economic data

As a user of the application you can enter and edit the personal data relating to the curriculum in the section My CV > CV Data > Personal Data.

In no case will we obtain your data without your consent and at all times you can access and consult them in the section of “My Profile”.

We will notify you of any changes that must be accepted in order to continue using the application.

The processing of personal data that can be carried out through Opera is based on the performance of a task carried out in the public interest or on the exercise of public powers conferred on the controller in accordance with Article 6.1.e) of the GDPR.

In addition, we inform you that the regulations applicable to the services offered by It works are as follows:

• Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights.
• Law 39/2015, of 1 October, on the Common Administrative Procedure of Public Administrations.
• Law 40/2015, of 1 October, on the Legal Regime of the Public Sector.
• Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)
• Royal Decree 203/2021, of 30 March, approving the Regulation on the operation and functioning of the public sector by electronic means.
• Royal Decree 311/2022, of 3 May, regulating the National Security Scheme.

The Works Application offers the staff of the General State Administration (AGE) access to various electronic services of interest for their job.

The information and data collected in Works will be treated only with the aim of offering you a service appropriate to the functionalities of the application.

For this purpose, we use your data to offer you the following services:

• Possibility to download the payroll, consult the user’s personal file and access the offer of places, among other options.
• Activation of notices related to the jobs that may be of interest to you, the novelties in the payroll
• Receive and make updates in the user’s personal file.

The personal data you provide us will be kept for as long as necessary to fulfill the purpose for which they are collected and to determine the possible responsibilities that may arise from the treatments carried out, in addition to the periods established in the regulations on files and documentation.

Specifically, the data to be able to manage your account will be stored until you decide to delete it and deactivate Works.

Your personal data may be transferred to International Banks (NEDAES).

In general, your personal data will not be communicated to other third parties, unless there is a legal obligation, among which may be communications to the Ombudsman, Judges, Courts and persons interested in the procedures related to the complaint submitted.

Neither will international transfers of your data be carried out, a priori. In any case, if these are present, sufficient legal bases and guarantees will be applied in order to legitimize them in accordance with the applicable law.

You only have access to your data, except for the information contained in the Curriculum Vitae, which may be considered public or private, and may be consulted by other interested parties.

Without prejudice to the above, in certain cases (for example, to resolve an incident or query that you ask us) we may need to access the data strictly necessary in order to resolve the incident or respond to your query.

The regulation gives you a number of rights in relation to the data and information we process about you. Specifically, the rights of access, rectification, deletion and portability of data, limitation and opposition to their treatment.

For those data in which the SGAD is responsible for the treatment, these rights will be exercised with the SGAD.

You can consult the full scope and detail of these rights on the website of the Spanish Data Protection Agency (AEPD) .

As for the exercise of your rights, you can do it at any time and free of charge in the following ways:

• You can exercise all these rights at any time and free of charge. You can contact the Data Controller in person at any of the Registry Assistance Network’s offices (https://administracion.gob.es ), or through the electronic headquarters of the Ministry for Digital Transformation and Public Service (https://sedediatid.mineco.gob.es/es-es/Paginas/Index.aspx).
• You also have the right to complain to the Data Protection Delegate, previously and potestatively, through the mail dpd@mineco.es.

Apart from all the above, you have the right at all times to file a claim with the Spanish Data Protection Agency.

The General Secretariat of Digital Administration guarantees the security, secrecy and confidentiality of your data, communications and personal information and has adopted the most demanding and robust security measures and technical means to prevent its loss, misuse or access without your authorization.

The security measures implemented correspond to those provided for in Annex II (Security Measures) of Royal Decree 311/2022, of 3 May, which regulates the National Security Scheme.

In addition, we promise to act quickly and responsibly in the event that the security of your data may be in danger, and to inform you if it is relevant. Security incident management protocols are available, which include notifications to supervisory authorities and users in the cases provided for by law.

Finally, we inform you that both the storage and the rest of the activities of the processing of your data will always be located within the European Union.