Legal notice
All the industrial and intellectual property rights of the website www.visitbiscay.eus (texts, images, sounds, audio, video, design, creativities, software) are owned by the Bizkaia Provincial Council.
Information security and personal data protection guarantee
Bizkaia Provincial Council guarantees the utmost confidentiality during the collection and processing of the data provided by users. Likewise, it has adopted the legally required levels of security for the protection of personal data, and has installed all the means and technical measures at its disposal to prevent the loss, misuse, alteration, unauthorised access and theft of the personal data provided.
The General Data Protection Regulation (hereinafter GDPR) published in May 2016 and applicable starting on 25 May 2018, is a directly applicable regulation throughout the European Union in relation to the protection of individuals regarding the processing of personal data and the free circulation of these data.
The purpose of Organic Law 3/2018 of 5 December on Personal Data Protection and the guarantee of digital rights (hereinafter OLDPGDR), is to adapt the Spanish legal framework to the above-mentioned regulation, in addition to guaranteeing citizens’ digital rights.
Law 16/2023, of 21 December, on the Basque Data Protection Authority, to adapt the organisation and operation of the regulations applicable in the Autonomous Community of the Basque Country to the provisions of Regulation (UE) 2016/679; those of Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights; as well as those of Organic Law 7/2021, of 26 May, on the processing of personal data for the purposes of prevention, investigation, detection, or prosecution of criminal offences, and the execution of criminal penalties.
Royal Decree 311/2022, dated 3 May, which regulates the National Security Scheme, has the aim of ensuring that the entire public sector included in article 156.2 of Law 40/2015, dated 1 October, is aligned with the security requirements established in the scheme.
Law 7/2023, dated 29 June, of the Basque Cybersecurity Agency has the aim of creating and establishing the agency’s functions to support and promote training on cybersecurity and safe digital development.
When exercising its competencies, and in compliance with its legal obligations, the Bizkaia Provincial Council develops activities and provides public services that require it process personal data, and all of this processing must comply with the legal guarantees in force, as included in the data protection regulations. In addition, the Bizkaia Provincial Council information system is in a permanent and continuous process of aligning itself with all applicable requirements, principles, and security measures necessary to that end in accordance with the National Security Scheme and all other applicable information security regulations.
DPO: The functions, responsibilities, status, and equipment of the Data Protection Officer are the responsibility of the head of the competent organic unit in the field of data protection and information security of the Bizkaia Provincial Council, in accordance with Provincial Decree 81/2023, of 4 July, approving the Information Security and Personal Data Protection Policy of the Bizkaia Provincial Public Sector, published in the Bizkaia Official Gazette No. 130 of 6 July 2023.