Privacy policy

In compliance with the provisions of the regulations on the protection of personal data, in particular, Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights, and the Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of natural persons with regard to the processing of personal data and the free movement of such data (hereinafter, GDPR), we inform you below how your personal data will be processed.

This Privacy Policy will be applicable to all data processing carried out by Red Eléctrica, except for those carried out through specific domains which will be governed by their respective privacy policies, such as:

https://www.redeia.com/en

https://www.reintel.es/en

https://www.esios.ree.es/en

https://www.elewit.ventures/en

https://www.portalclientes.ree.es/#/home

https://redelectricaetica.globalsuitesolutions.com/denuncias

https://redelectricaetica.globalsuitesolutions.com/consultas

Likewise, the basic information provided individually on the processing of your data may contain specific conditions that will prevail over this Privacy Policy.

To ensure proper management in the processing of your data, Red Eléctrica has appointed a Data Protection Officer, who you can contact for any question you may need to ask regarding the processing of your personal data at the email address dpd@redeia.com.

Red Eléctrica may modify this Privacy Policy whenever necessary. If changes are made, we will let you know through this website or by other means, so that you can review the updated privacy conditions. Continued use of the functionalities made available by Red Eléctrica, once the aforementioned modifications have been notified, will constitute your acceptance of them, except in those cases in which your express consent is necessary.

Who is responsible for the processing of your data?

Your data will be processed by Red Eléctrica de España, S.A.U. and/or by the companies that make up Redeia, depending on who receives your request or the nature of your relationship with them. You can consult the companies that are part of Redeia at https://www.redeia.com/en/our-services, of which we provide more information below:

Identity of the main entity: Red Eléctrica de España S.A.U. (hereinafter, "Red Eléctrica"), with Tax Identification Number (C.I.F.): A-85309219.

Other Redeia companies responsible for the processing:

  • Redeia Corporación S.A. with C.I.F.: A-78003662.
  • Red Eléctrica Internacional S.A.U. with C.I.F.: A-82852906.
  • Red Eléctrica de España Finance, B.V. with registration number: NL812199017B01.
  • Redeia Financiaciones S.L.U., with C.I.F.: B-42954917.
  • REDCOR Reaseguros, S.A. with registration No. B153252.
  • Redeia Infraestructuras de Telecomunicación, S.A. with C.I.F.: A-87323127.
  • Red Eléctrica Infraestructuras en Canarias, S.A.U. with C.I.F.: A-76234822.
  • Redeia Sistemas de Telecomunicaciones S.A.U. with C.I.F.: A-88044144.
  • Elewit, S.A.U. with C.I.F.: A-88409990.

Postal address for notification purposes: Paseo Conde de los Gaitanes nº 177, La Moraleja, 28109 Alcobendas (Madrid).

What type of data do we process and from where are they sourced?

Red Eléctrica may process the following types of personal data, depending on the relationship established with the data subject:

  • Identification and contact data (e.g. first name, surnames, identity document, telephone, email, country of residence).
  • Browsing data (e.g. use of the website, sections visited).
  • Voice data, obtained as a result of recording telephone calls.
  • Other types of data. Exclusively in the event that the data subject has voluntarily provided another type of data, deeming it relevant to their request or query and/or by other means (e.g., provided via telephone queries).

The data that Red Eléctrica processes may come from the following sources, depending on the relationship established with the data subject:

  • Data provided by the data subject by filling in forms made available by Red Eléctrica, by sending emails or by any other means by which the data subject communicates with Redeia.
  • Data generated as a result of browsing and use of the website by the data subject.
  • Data provided directly by the operating personnel participating in the course of operational telephone calls with the Red Eléctrica Control Centres.

For what purpose will we process your personal data and what is the lawful basis?

In general, your data will be processed by Red Eléctrica for the fulfilment of the following purposes:

  1. Management of users and provision of services offered through our website.

    • Description of the purpose:

      Red Eléctrica will process your data to provide you with the services we offer on our website and manage registrations as a user in those sections of the website that require prior registration to access the reserved area.

    • Lawful basis for processing:

      Art 6.1.b) GDPR – the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

    • Data processed for this purpose:

      Identification and contact data (name, surnames, postal or electronic address, identity document, telephone number) and data related to the position, job or professional function performed, if applicable.

  2. Manage requests for information, queries, and questions through the forms enabled on the web, through postal or electronic mail, or by telephone contact.

    • Description of the purpose:

      Red Eléctrica will process your data to respond to requests for information, queries, and questions made available to us through forms provided for this purpose on the website, by email or post, or by telephone contact, and provide you with solutions tailored to your needs. Phone calls may be recorded in order to ensure the quality of the service and for security purposes.

    • Lawful basis for processing:

      Art. 6.1b) GDPR – the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

    • Data processed for this purpose:

      Identification and contact data (first name, surnames, identity document, postal or electronic address, telephone number, voice).

  3. Compliance with legal obligations to which Red Eléctrica is subject.

    • Description of the purpose:

      Red Eléctrica, in its capacity as data controller, is obliged to comply with the provisions, among others, with the regulations of the electricity sector, as well as with those obligations necessary for the fulfilment of the functions as operator of the electricity system and manager of the electricity transmission grid. This requires you to provide your personal data to Public Administration bodies, courts, regulatory bodies and Spanish law enforcement authorities.

    • Lawful basis for processing:

      Art. 6.1c) GDPR – the processing is necessary for compliance with a legal obligation to which the controller is subject.

    • Data processed for this purpose:

      Identification and contact data (first name, surnames, identity document).

  4. Compliance with the electricity transmission grid development proposal.

    • Description of the purpose:

      Red Eléctrica, in its capacity as data controller, is obliged to comply with the provisions, among others, with the regulations of the electricity sector, as well as with those obligations necessary for the fulfilment of the functions as operator of the electricity system and manager of the electricity transmission grid. In particular, the obligation to prepare Grid development proposals, which implies that Red Eléctrica will collect your personal data when it submits a proposal and, consequently, they will be included in the proposals report that, by legal obligation, Red Eléctrica must send to the Ministry for the Ecological Transition and the Demographic Challenge, to whom the personal data you provide us will be forwarded.

    • Lawful basis for processing:

      Art. 6.1c) GDPR – the processing is necessary for compliance with a legal obligation to which the controller is subject. In particular, Article 4 of Law 24/2013, of December 26, on the Electricity Sector, Art. 11.5 of RD 1955/2000, of December 1, which regulates the activities of transmission, distribution, commercialisation, supply and authorisation procedures for electricity installations, and Art. 3 et seq. of Order TEC/212/2019, of February 25, which initiates the procedure to make proposals for the development of the electricity transmission grid with a 2030 Horizon.

    • Data processed for this purpose:

      Identification and contact data (first name, surnames, identity document and email address).

  5. Operational coordination and management of the electricity system through telephone calls.

    • Description of the purpose:

      Red Eléctrica makes and receives telephone calls between the operators of its Control Centres and the operators of other entities in the electricity sector, within the framework of the daily operations of electricity system management. These communications are intended to guarantee operational coordination, the exchange of relevant information for incident management, and the stability, security and continuity of the national electricity system. These calls may be recorded to collect the identification data (first name and surnames) and the voice of the participating operators, in order to ensure correct operational traceability, as well as the management and documentation of system incidents.

    • Lawful basis for processing:

      Art. 6.1f) GDPR – the processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party.

    • Data processed for this purpose:

      Identification data (first name and surnames) and voice of the operators participating in the calls.

  6. Sending of information bulletins and subscription to newsletters.

    • Description of the purpose:

      Red Eléctrica provides forms where you can grant your freely given, specific, informed and unambiguous consent to authorise the receipt of information through bulletins or newsletters, both by ordinary and electronic means, as well as information about the activities organised by the company.

    • Lawful basis for processing:

      Art. 6.1a) GDPR – the data subject gave their consent for the processing of their personal data for one or more specific purposes.

    • Data processed for this purpose:

      Identification and contact data (name, surnames, postal or electronic address). It should be noted that you may object at any time to the purpose of processing your personal data for informational or advertising purposes by Red Eléctrica, using the channels enabled for this, as detailed in the section “What are your rights when you provide us with your data?”.

  7. Developing perception studies.

    • Description of the purpose:

      In order to be able to verify your degree of satisfaction with the work carried out by Red Eléctrica, we may carry out perception studies to improve the quality of our procedures and services.

    • Lawful basis for processing:

      Art. 6.1f) GDPR – the processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party.

    • Data processed for this purpose:

      Contact data (first name, surnames, postal or electronic address, contact telephone number) and data relating to the position, job or professional function performed..

  8. Use of cookies and analysis of web browsing.

    • Description of the purpose:

      Red Eléctrica may process your browsing data to manage the correct functioning of the website, analyse how users interact with it, as well as to improve the quality of the services offered and the browsing experience. For these purposes, cookies and similar technologies may be used to analyse user behaviour in an aggregated or individual manner.

      Likewise, Red Eléctrica informs you that it does not carry out individual profiling processes that produce legal effects concerning you or similarly significantly affect you.

      In any case, you can obtain more information about the use of cookies, as well as how to manage or deactivate them, through the Cookies Policy.

    • Lawful basis for processing:

      Art. 6.1.a) GDPR – consent of the data subject, for the installation of analytical and non-essential cookies.

      Art. 6.1.f) GDPR – legitimate interest of Red Eléctrica for the use of technical or strictly necessary cookies for the functioning of the website.

    • Data processed for this purpose:

      Browsing data (e.g., IP address, online identifiers, device information, pages visited, time spent on the site, navigation within the website).

  9. Guaranteeing website security and preventing misuse.

    • Description of the purpose:

      Red Eléctrica will process your data in order to guarantee the security of the website, prevent unauthorised access or cyberattacks, and detect, investigate and, where appropriate, mitigate situations that could compromise the confidentiality, integrity, or availability of information and systems..

      Furthermore, these processing activities ensure the correct technical functioning of the website and protect both Red Eléctrica and its users against potential fraudulent or improper use.

    • Lawful basis for processing:

      Art. 6.1.f) GDPR – legitimate interest of Red Eléctrica in ensuring the security of its systems, networks, and the information processed.

    • Data processed for this purpose:

      Browsing data (e.g., IP address, access records, online identifiers, device information, activity logs).

  10. Management of relationships with representatives and contact persons of entities..

    • Description of the purpose:

      Red Eléctrica will process your personal data when you act as a legal representative or contact person for public or private entities (clients, suppliers, collaborators, institutions, or other third parties) in order to maintain, manage, and develop the professional, administrative, contractual, or institutional relationship, as well as to facilitate necessary communications within the framework of said relationship.

    • Lawful basis for processing:

      Art. 6.1.f) GDPR – the processing is necessary for the purposes of the legitimate interests pursued by the data controller, consisting of properly managing relationships with the entities it interacts with, in accordance with Article 19 of the LOPDGDD.

      Likewise, where applicable, Art. 6.1.b) GDPR shall apply – the processing is necessary for the performance of a contract or in order to take steps prior to entering into a contract.

    • Data processed for this purpose:

      Identification and contact data (first name and surnames, job title or position, company or entity to which you belong, postal or electronic address, and contact telephone number), as well as, where applicable, data relating to the professional function performed.

In any case, and if it is necessary for the fulfilment of the processing purposes Red Eléctrica may give access to personal data to third party service providers, who will access them as data processors. Should this access involve the transfer of your personal data outside the European Economic Area, Red Eléctrica ensures the existence of adequate mechanisms and safeguards provided for by the applicable regulations (e.g., Standard Contractual Clauses) to guarantee that the third party accessing your data applies a level of security equivalent to that required by European data regulations.

How will the data of minors be processed?

In general, the contents and services of Red Eléctrica are directed and designed mostly for people over 18 years of age.

However, there is content on our website intended for minors which includes online games to which they can have access.

In such cases, Red Eléctrica will request the consent of the holders of parental authority or guardianship, or legal representatives, under the terms established in current legislation, for data subjects under 14 years of age, never collecting or processing personal data without fully complying with the requirements established in the applicable data protection regulations regarding the duty to inform and the obtainment of any necessary consents.

How long will we store your data?

Red Eléctrica will store the personal data provided for the period necessary to manage your request, query, suggestion, complaint or claim, or as long as the contractual relationship is maintained, its erasure or objection is not requested by the data subject and they should not be deleted since they are necessary to comply with a legal obligation or for the establishment, exercise or defence of legal claims.

In this regard, once its relationship with you has ended, Red Eléctrica will keep your personal data duly blocked, except for making them available to Public Administrations, Judges, and Courts to address any potential liabilities arising from the processing, as well as for the exercise and defence of claims before the Spanish Data Protection Agency. The data shall be retained for the statutory limitation period of any actions that may arise from the relationship maintained with the data subject.

Your personal data will be stored for the time necessary to fulfil the purpose for which it was collected. If your data is used for several purposes that require us to store it for different periods, we will apply the longest retention period.

How do we collect your data?

In each process in which you provide your personal data, you will be informed of the mandatory or optional nature of its completion (for example, marking with asterisks those fields in which mandatory data is requested), and of the consequences of not providing said data.

Through this Privacy Policy, you declare that the information and data you provide us are accurate and truthful, with Red Eléctrica reserving the right to exclude from its services any data subjects who have provided false data, without prejudice to the possibility of initiating legal action. You will be solely responsible for any false or inaccurate statements you make and for the damages that this may cause to Red Eléctrica or third parties.

If, by means of any form, you provide us with third-party personal data, you guarantee that you have informed said third party of this Privacy Policy and that you have obtained their authorisation to provide Red Eléctrica with their data for the purposes indicated.

In compliance with article 14 of the GDPR, Red Eléctrica undertakes to provide any third party whose data you provide to us with the relevant information.

To which recipients will your data be disclosed?

Red Eléctrica will disclose and transfer your personal data for the fulfilment of the aforementioned purposes and on the aforementioned legal bases for processing to:

  • The Redeia companies, which you can consult at the following link: https://www.redeia.com/en/our-services.
  • Public Administrations and the Administration of Justice, Spanish law enforcement authorities, and, in general, competent Authorities when Red Eléctrica is under a legal obligation to provide them.
  • Red Eléctrica suppliers who have access to your personal data and who process said data in their capacity as Red Eléctrica's data processors, as a result of the services they provide to Red Eléctrica. All suppliers with access to personal data that provide services to Red Eléctrica have signed the corresponding data processor agreement in accordance with the provisions of article 28 of the GDPR, committing to comply with the following obligations: apply appropriate technical and organisational measures; process the personal data for the agreed purposes and act only on the documented instructions of Red Eléctrica and the obligation to delete the data once the provision of the services has ended.
  • Due to the activity carried out by Red Eléctrica, there is the possibility of international data transfers to countries located outside the European Economic Area (EEA). For cases in which international data transfers are made to countries outside the European Economic Area (EEA) or to countries that do not offer an adequate level of protection, the necessary measures will be applied with adequate guarantees through the use of Standard Contractual Clauses that legitimise international transfer.

How do we guarantee the security of your data?

Red Eléctrica applies and maintains appropriate technical and organisational measures to guarantee an adequate level of security based on prior risk analysis.

Specifically, Red Eléctrica has established all the technical means at its disposal to prevent the loss, misuse, alteration, unauthorised access and theft of the data you provide us with.

What are your rights when you provide us with your data?

Red Eléctrica informs you that you have the right to obtain confirmation on whether we are processing personal data that concerns you or not.

Likewise, Red Eléctrica informs you that you may exercise the following rights over your personal data:

  • Access: You have the right to access your data to know what personal data we are processing that concerns you.
  • Rectification or erasure: In some circumstances, you have the right to rectify any personal data that you consider to be inaccurate and that concern you, and that are processed by Red Eléctrica, as well as the right to request the erasure of your data when, among other reasons, the data were no longer necessary for the purposes for which they were collected.
  • Restriction of processing: In some circumstances, you will have the right to request us to limit the processing of your data, in which case we inform you that we will only store the data on which you have requested restriction of processing for the establishment, exercise or defence of legal claims.
  • Portability: In some circumstances, you will have the right to receive the personal data that concern you, and that you have provided us, in a structured, commonly used and machine-readable format, as well as to have them transmitted by Red Eléctrica to another data controller.
  • Right to object: In some circumstances, and for reasons related to your particular situation, you will have the right to object to the processing of your data, in which case, we would stop processing them unless we are obliged to continue to do so for compelling legitimate grounds or for the establishment, exercise or defence of legal claims.

To exercise your rights, please submit a letter to the aforementioned postal address or via email to the following address: digame@redeia.com, including in the subject "Data Protection".

You can also contact our Data Protection Officer at the following address: dpd@redeia.com.

The data controller will take the appropriate measures to provide the data subject with all possible information regarding the processing of their personal data in accordance with their request within a maximum period of one month from the receipt of the request. This period may be extended for two additional months, depending on the complexity of the case and the number of requests.

You must specify which of these rights you are requesting to exercise and, in turn, must prove your identity in the event your identity cannot be confirmed via the communication channel used for the request. In the event that you are represented by a legal or voluntary representative, you must also provide a document proving the representation, as well as the identity of said party.

Additionally, in accordance with article 77 of the GDPR, if you consider that your right to the protection of personal data has been violated, you can file a claim with the supervisory authority, in Spain, the Spanish Agency for Data Protection (https://www.aepd.es/en) or apply to the competent court, in accordance with article 79 of the GDPR. Similarly, we inform you that, in the first instance, you can file a claim with the Data Protection Officer at the following address: dpd@redeia.com.

Update date of this Privacy Policy: June 2026.