Data protection policy
Legal data protection notice
1. Data Controller
The data controller of your personal data is Endesa, S.A. holder of Tax ID No. (CIF) A28023430. The contact details of the data controller are as follows: Postal address: C/ Ribera del Loira, 60. 28042-Madrid.
2. Purpose and processing
The personal data provided by shareholders (for the exercise or delegation of their attendance or voting rights at Meetings, to facilitate communications) or that are provided by banking institutions, companies and security brokers with whom shareholders have deposited their shares, will be stored and processed by Endesa, S.A. for the purposes of facilitating communications with shareholders within the framework of shareholder relations and facilitating compliance with the corresponding legal obligations.
Personal data retention period
The personal data of shareholders will be retained for as long as necessary for the aforementioned purposes. As soon as they are no longer needed for these purposes, they will be blocked for the period in which they are required for the exercise or defence against administrative or legal proceedings and they may only be unblocked and processed again on these grounds. Once this period comes to an end, the data will be definitively cancelled.
3. Legitimacy of processing data
The legitimacy of the processing of your data is based on the legitimate interest of Endesa S.A., and, furthermore, for compliance with applicable legal obligations. Therefore, the refusal to provide the personal data requested or the provision of inaccurate or incomplete data may affect your activities as a shareholder in Endesa, S.A.
Shareholders are responsible for the accuracy of the data provided and for informing Endesa, S.A. of any change to them.
4. Recipients of personal data
Your personal data may be transferred to Public Administrations, Authorities and Institutions, including the Courts, when required so under the applicable regulations.
Service providers that Endesa, S.A. contracts or may contract, that are classed as data processors, may also access personal data.
5. Security measures
In order to ensure an efficient Data Protection Policy, Endesa, S.A. has adopted the necessary technical and organisational security measures to prevent the alteration, loss, misuse, unauthorised access and handling or theft of data considering the state of technology.
6. Rights of shareholders in terms of the processing of their personal data
Shareholders may exercise their rights of access, rectification, cancellation, limitation of processing and data portability in the cases and within the scope set out by the applicable regulations at any given time.
To exercise these rights, they must write to Endesa, S.A. using one of the following channels:
- By post, attaching a copy of your DNI, passport or government-issued identity document and the request to the Secretaría del Consejo de Endesa, S.A., located in Madrid at C/ Ribera del Loira, nº 60, 28042.
- By email at email@example.com with the following information: the data subject's full name, address, photocopy of the national identity card, passport or government-issued identity document and request.
You are hereby also informed of your right to file a complaint before the Spanish Data Protection Authority.
7. Data Protection Officer
Endesa, S.A. has appointed a Data Protection Officer for the Endesa Group. The corresponding contact details are as follows: Postal address: C/ Ribera del Loira, 60. 28042-Madrid. Email: firstname.lastname@example.org