DGT Official Website

I.-AIM

By virtue of Royal Decree 873/2014, of 10 October, amending Royal Decree 400/2012, of 17 February, detailing the organic structure of the Ministry of the Interior, Article 10.u) sets out the powers of this Body, among others, to process traffic sanctioning files, to process and resolve declarations of nullity and to settle claims administratively. The online service for the payment of fines supplements the entire cycle of the administrative process of such sanctioning files, enabling a new system which allows for the payment of the imposed sanction.

The provisions laid down in Article 98.2 of Law 39/2015 on the Common Administrative Procedure for Public Administration concerning payment acceptance via electronic means are therefore complied with. The service is delivered from the DGT website and is subject to Chapter V, e-Operation of the Public Sector, of Law 40/2015 on the Legal System applicable to the Public Sector.

II.- DESCRIPTION OF THE SERVICE

The online service for the payment of fines consists in the payment of those outstanding unpaid fines indicated by the concerned person, either by bank card or by any other sound means. This method adds to other methods for the payment of sanctions issued by DGT at Post Office premises, at collaborating financial institutions or at Provincial or Local Traffic Departments.

This service offers two options: the concerned person can pay the sanction using an identification or without it. In the first case, the concerned person identifies him/herself using an electronic signature or other means of authentication; doing so, information on all the outstanding unpaid sanctions issued to this person by the authorities reporting to DGT is displayed. This service enables the concerned person to select the fine(s) he/she intends to pay which will be charged in one single transaction. The second option does not require the user to identify themselves so they must fill in all the compulsory fields relating to the unpaid fine that appears on the screen. In this case, the user can only pay one fine per session using a bank card or other authorized means.

In both instances, the user will be accordingly informed if a reduction to the fines selected is applicable.

III.-PRICING AND METHOD OF PAYMENT

The pricing is based on the amounts due for the relevant fines that the user intends to pay; the system will apply the legally established reductions, insofar as possible, taking into account the date of the payment and the stage at which the corresponding follow-up proceedings is. The service accepts Visa and Mastercard bank cards, either credit or debit, at national and international level.

IV.- CANCELLATION POLICY

Once the payment has been completed, the user who wishes to cancel the process and be refunded the amount paid shall have the option to request so on this service during the 24 hours following payment. Another option is to request proceedings for the refund of the amount paid by either submitting Form 1.51 at any of the registry offices to DGT or on the service itself.

If the user has an electronic signature, the form can be submitted electronically. The user can also print and fill in Form 1.51 and hand it in personally at any Provincial Traffic Department.

Once the form has been submitted, DGT shall assess its content and shall give a suitable response to the petition within the time limits and in the form stipulated by law.

V.- PRIVACY AND PERSONAL DATA PROTECTION POLICY

By virtue of this Privacy Policy, DGT, domiciled in 44 Josefa Valcárcel, Madrid, informs users of the electronic services, of its privacy and personal data protection policy so that they can decide freely and voluntarily whether they wish to facilitate their personal data that may be required when using our services.

V.1.- DATA CONTROLLER

The controller of the personal data collected for providing the service will be the DGT Data Protection Officer; the contact details are as follows:

• Directorate-General for Traffic
• CIF: Q2816003D.
• C/ Josefa Valcárcel, 44 3ª planta, 28071, Madrid.
• E-mail: protecciondedatos@dgt.es

The Data Protection Officer is responsible for:

• Informing and advising the data controller as well as the civil servants in charge of any obligations derived from the Regulations and other data protection provisions.
• Supervising that the data controller complies with the provisions set forth in the data protection regulatory policy.
• Upon request, providing advice on the impact assessment concerning the protection of personal data.
• Cooperating with the Spanish Data Protection Agency and serving as the contact point with this agency.
• Taking action in the event that data subjects submit to the data protection officer an optional complaint prior to the appeal to the Spanish Data Protection Agency.
• Addressing the issues that arise from the processing of personal data and from the exercise of the data subject rights in accordance with the General Regulations on Data Protection.

The personal data collected shall be processed by DGT on the basis of the service provided on the DGT website and its software applications, being the body responsible for their processing.

The user may provide personal information voluntarily, either by filling in certain data collection forms included in our different services or at the e-mail addresses and telephone lines specifically created for that purpose. Providing any personal details on the various forms - on paper or electronically, e-mail addresses and telephone - involves accepting and agreeing to their processing under the terms and conditions established in this privacy policy.

V.2. PURPOSES FOR WHICH PERSONAL DATA ARE PROCESSED

In general, the collection and processing of your personal details have the following purposes:

• To contact the user to inform him/her of the formalities conducted at DGT;
• To adequately process and manage all the queries, comments, incidents or suggestions DGT receives;
• To manage basic administrative tasks;
• To successfully manage the relevant electronic service;
• To keep the user informed through the provided electronic channels of those formalities conducted at DGT and of any other information related to these formalities as well as of outstanding obligations with DGT.

V.3. LEGITIMACY

The legal basis enabling the above mentioned processing is to conduct the required services based on the user's consent and the legitimate interests of DGT.

V.4. RECIPIENTS OF THE PERSONAL DATA

DGT shall be the recipient of the data provided as well as any other public administration that is competent in the administrative procedure managing the service.

Electronic Payment services external to DGT shall also receive information with a view to performing payment transaction(s) effectuated with the bank card, that is, the company INDRA Sistemas S.A. in charge of the bank card payment gateway service.

As for data processing, the recipients of the provided information either DGT units or other public administrations and bodies agree to respect their confidentiality and to process them in accordance with the purposes previously authorized.

V.5. RIGHTS OF THE DATA SUBJECT

Data subjects will be able to exercise their rights of access, rectification, deletion, limitation, opposing and portability of their personal data, as established in Articles 15-22 of the General Regulations on Data Protection.

Data subjects can exercise the rights before the Directorate-General for Traffic as follows:

• By e-mailing the controller, submitting this form to: protecciondedatos@dgt.es
• In person at any of the Registers network submitting the filled in form available below.
• Online, using the e-Register on the DGT website.

The data subject may, at any later time, revoke the authorisation granted for processing his/her personal data under the terms established in the current regulations on personal data protection.

The data subject shall be responsible, notwithstanding, for the accuracy of the data provided. DGT has the right to exclude from the use of the service any data subject who may have provided false data, without prejudice to any other actions applicable under the Law. The data subject undertakes to communicate any modification in the personal data provided.

The data subject also has the right to bring a complaint before the Agencia Española de Protección de Datos: C/ Jorge Juan, 6. 28001. MADRID.

V.6. LENGTH OF TIME THE DATA ARE TO BE STORED

DGT will only store the personal data belonging to the data subject insofar as we may need them for the purposes for which they were collected and in accordance with the legal basis to process such data. DGT will store the personal data as long as there is a contractual and/or trading relationship with the data subject and provided that the data subject does not exercise his/her right to erase, cancel and/or limit the processing of such data.

In these cases data are duly blocked, without any use except storage, for as long as they may be necessary for the exercise or defence of claims or for addressing any liability of judicial, legal or contractual nature which may arise from their processing and that would require therefore the recovery of data.

DGT shall comply with the current regulations as regards the cancellation of personal information that is no longer necessary for the purpose or purposes for which it was collected. DGT shall block this information, with a view to addressing any possible liability arising from data processing and only for the duration of such liability. At the end of the aforementioned period, this information will definitely be erased using secure methods.

V.7 SECURITY MEASURES

DGT has adopted the required safety levels for personal data protection laid down in the current regulations, depending on the type of information processed and has implemented all the additional technical means and measures so as to protect personal data against alteration, loss and unauthorized disclosure or access. DGT ensures that the appropriate security measures have been adopted to guarantee the safety of the information and the confidentiality of data that the data subject submits online. To that end, the Secure Socket Layer (SSL) technology has been used; the systems allows for the encryption of the information provided, preventing it from being read even if it is unlawfully intercepted. DGT website is certified in such a way that the data subject's browser may confirm DGT's identity before any transmission is conducted. This certificate shall ensure the identity of the computer to which the data subject is sending his/her data. The user can check that SSL security is enabled when a lock icon is displayed at the bottom of most browsers. If the user clicks on the icon, the certificate associated with the security connection is displayed. Notwithstanding with the above, the user should be aware that the security measures on the Internet are not foolproof.

V.8 USE OF COOKIES

Access to this website may involve the use of cookies. Cookies are small pieces of data stored on each user's web browser for the server to remember certain information for later use. This information may identify you as an specific user and stores the user's preferences, as well as technical information such as the user's browsing activity or which pages were visited.

Users who do not wish to receive cookies or wish to be informed before they are stored on their computer can set their browsers to that end.

VI.- SECURITY IN THE TRANSACTIONS

DGT ensures that any data concerning the means of payment will be treated in the strictest confidence and with high standards of security. The bank card data used for the payment are transmitted in SSL encrypted form, guaranteeing the secrecy of communications through a dialogue with encryption keys.

So as to guarantee the security of transactions performed on this website, DGT has incorporated in its control processes the verification and pre-management of the payment card information provided by the user. DGT reserves the right to reject payment of fines using cards which do not belong to the user, that have been fraudulently acquired, or intended for being used in a fraudulent transaction that may prejudice the interests of the card holder, of DGT or of a third party.

Providers and issuers of electronic means of payment may have adopted other anti-fraud measures that may involve rejecting certain types of operations. DGT neither controls nor accepts liability for damages that may be caused by the implementation of policies approved by the various providers or issuers of electronic means of payment .

Using a means of payment whose ownership corresponds to a third party shall be prohibited, except when this third party has expressly authorised its use, being the proof of such authorisation under the responsibility of the third party, who will assume any damage caused to DGT.

VII.-ACCEPTANCE OF THE TERMS AND CONDITIONS AND USER LIABILITY

The user expressly states that they know and accept, fully and unreservedly, the content of the general terms and conditions, in respect of access to and use of the site www.dgt.es included in the Legal Notice and, in particular, those conditions regarding the exemption from liability and reserved intellectual or industrial property rights in favour of DGT. The user also accepts the content of the general Terms and Conditions to access and use the online payment of fees service and undertakes to use it under the provisions of the Law, moral duty, health, public order and standards of public decency and DGT is exempted from any claim arising out of the breach of the obligations.

The user is the holder and responsible for the custody of the debit or credit card/s used for the online payment of sanctions and undertakes to adopt all the necessary measures to avoid an unauthorized use. The user frees DGT from any liability arising from the improper or fraudulent use of the bank card by an unauthorized third party and/or from the compensation for any damages caused by non-compliance with the obligations laid down in this clause. DGT is not liable for the potential failures in the computer system of the user which are not attributable to DGT.

VIII.-APPLICABLE LEGISLATION AND JURISDICTION

The provision of this service will be governed by the law in force in Spain. Both parties accept the jurisdiction of the Courts located in the appropriate capital of the province in which the service is provided.