Go to content
open box image

Mi Carpeta Ciudadana - More Information

Mi Carpeta Ciudadana keeps open a channel of proactive communication with the citizens. We look forward to receiving your proposals for improvement about the portal and about the Apps .
In addition, we will keep the the roadmap  of incorporation of new functionalities for the short and medium term.

If you have any additional incident or doubt you can use our contact form .

Privacy Policy

Please, as a user of the service "My Citizen Folder" (hereinafter MY CITIZEN FOLDER), read this privacy policy carefully. In it you can find all the information about the data that is collected about you, how they are used and what control you have over them.

1. Who is responsible for the processing of your data as a user of MY CITIZEN FOLDER?

The person responsible for the processing of your data as a user of MY CITIZEN FOLDER is:

  • Name: State Agency for Digital Administration (hereinafter, the AEAD).
  • Data Protection Officer: dpd@digital.gob.es
  • DPD Address: Calle Poeta Joan Maragall, 41, planta 12, 28046 Madrid

The entity responsible for the service “My Citizens’ Portfolio” is the State Agency for Digital Administration, a governing body under the Secretary of State for Public Service of the Ministry for Digital Transformation and Public Service.

2. What data do we process about you?

The information that we process about you as a Data Controller comes from personal data that you can provide to us through external services or personal data that comes from other Data Controllers.

The data relating to you that are treated in “My Citizen Folder” belong to the following typologies:

  • Identification or contact data: name, surname, ID, postal address or email, among others.
  • Identification data of your device.
  • Data related to your citizenship and residence: what is your Autonomous Community, province or municipality, municipal register data, etc.
  • Data related to upcoming events and appointments that you have made with the Public Agencies integrated in “My Citizen Folder”.
  • Data related to the educational field: degrees obtained, scholarships and study grants, etc.
  • Data on health and the scope of social services: certificates of disability, degree, dependency status, benefits, aids, etc.
  • Professional and retirement data: employment situation, demand for employment, working life, benefits, request for retirement, etc.
  • Housing and urban planning data: rustic or urban real estate, cadastral registration, etc.
  • Vehicle and transport data: vehicles owned by you, driving licence, points of your card, etc.
  • Data on issued notifications of which you are the interested party: data from the BOE Single Bulletin Board (TEU), such as, for example, those relating to the body/department issuing the notification and date of publication.
  • Data of a public registry: number, office of origin/destination, date of registration, data of the interested party, status, etc.

In addition, to facilitate access to the mobile app the user can optionally enable the biometric authentication mechanisms provided by the different mobile platforms (iOS, Android…) that manage and store on your mobile device your biometric identification data, such as facial recognition or fingerprint.

The rest of the information, such as the information that may be necessary to obtain your data for the generation of some proof, comes from external sources and will be treated appropriately by each of the Treatment Managers. The AEAD is responsible for the processing of such personal data.

3. How does “My Citizen Folder” get your data and where does it come from?

Personal data are obtained through other Public Administrations for which the AEAD is in charge of processing.

4. What is the legal basis for the processing of your data?

The processing of personal data that may be carried out through the “My Citizen Folder” service is based on its legality on:

  • The interested party gave his consent in accordance with Article 6.1.a) of the GDPR. You have the right to withdraw your consent at any time, although this withdrawal will not affect the lawfulness of the treatment based on the consent prior to its withdrawal. The interested person gives his consent associated to the following data: privacy preference settings, notification settings and personal summary.
  • Performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller in accordance with Article 6.1.e) of the GDPR.

In addition, we inform you that the regulations applicable to the treatments offered are as follows.

  • Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights.
  • Law 39/2015, of 1 October, on the Common Administrative Procedure of Public Administrations.
  • Law 40/2015, of 1 October, on the Legal Regime of the Public Sector.
  • Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)
  • Royal Decree 203/2021, of 30 March, approving the Regulation on the operation and operation of the public sector by electronic means.
  • Royal Decree 311/2022, of May 3, which regulates the National Security Scheme.

5. For what and why do we use your data?

The information and data collected in My Citizen Folder will be treated only with the aim of offering you the corresponding service. For this purpose, we use your data to offer you the following services:

  • Receive notices (provided you give your prior consent) in your email or PUSH notifications (if you make use of the mobile APP) when you have a prior appointment in a Public Administration or an event that is of your interest.
  • Possibility to adapt the presentation of "My Citizen Folder" according to your preferences.
  • Present your data directly without having to consult them again each time you access "My Citizen Folder".

The purpose of the treatment of “My Citizen Folder” is to facilitate your relationship with the Public Administrations, by offering you in a single access personalized information about your relationship with these and their public agencies and related or dependent entities. In addition, in the event that you decide to use the conversational assistant, we will process your data in order to provide you with a quick search for the information, notices, supporting documents or other data that you request and that are available through the “My Citizen Folder” service.

6. For how long do we store your data?

The storage period will depend on the type of data:

  • Regarding the information related to the section “Personal summary” from the website, they will be automatically deleted if you do not access “My Citizen Folder” for a period of 3 months. However, you can withdraw your consent at any time and such information will not be stored. Through the APP, a query will be made every time you access My Citizen Folder, however, from the Web such information will not be shown.
  • The data processed in “Upcoming Events” will be stored for a maximum period of two years from your last access to the service.
  • With regard to the relative data of the other sections (“My data”, “My files”, “My notifications” and “My writings and requests submitted”), these are not stored, they are only submitted since you make the query or request of the same (by clicking on said section or section).
  • The data processed through the use of the conversational assistant is automatically deleted when your session ends or when at least 30 minutes of chat inactivity elapses.
  • In relation to the information related to the configuration of notices, recent, favorites and the personal photo, the data provided will be stored for a maximum period of two years from your last access to the service.

7. Who has access to your data?

You only have access to your data. Notwithstanding the above, in certain cases (for example, to resolve an incident or query that you ask us) we may need to access the strictly necessary data in order to resolve the incident or respond to your query.

8. What are your rights and how can you control your data?

The regulation gives you a series of rights in relation to the data and information we process about you. Specifically, the rights of access, rectification, deletion and portability of data, limitation and opposition to its treatment.

For those data in which the AEAD is responsible for the processing You can exercise the rights established in article 15 and following of the GDPR, at any time and free of charge, by sending an email to protecciondatos.sgad@correo.gob.es or by sending a postal mail to the address Calle del Marmol, 2, 28005 Madrid.

You can consult the full scope and detail of these rights on the website of the Spanish Data Protection Agency (AEPD) .

You also have the right to complain to the Data Protection Delegate of the Ministry for Digital Transformation and Public Service, either through the email dpd@digital.gob.es or by sending postal mail to the address Calle Poeta Joan Maragall, 41, planta 12, 28046 Madrid.

For the information processed by the AEAD from other Public Administrations, that is, when the AEAD is in charge of treatment, these rights will be exercised with the Responsible of Treatment in each case. All information regarding the processing of your personal data is available at the following link of the Ministry for Digital Transformation and Public Service: Record of Treatment Activities .

Apart from all the above, you have the right at all times to file a claim with the Spanish Data Protection Agency (AEPD) .

9. How do we protect your data?

The AEAD guarantees the security, secrecy and confidentiality of your data, communications and personal information and has adopted the most demanding and robust security measures and technical means to prevent its loss, misuse or access without your authorization.

The security measures implemented correspond to those provided in Annex II (Security Measures) of Royal Decree 311/2022, of 3 May, which regulates the National Security Scheme.

In addition, we are committed to act quickly and responsibly in the event that the security of your data may be in danger, and to inform you if it is relevant. Protocols for managing security incidents and personal data security gaps are available, which include notifications to supervisory authorities and users in the cases provided by law.

Finally, we inform you that both the storage and the other activities of the processing of your data will always be located within the European Union.

10. Security breaches

If you are aware of the existence of a security breach for which the AEAD is responsible for processing your personal data, please send us an email to protecciondatos.sgad@correo.gob.es.