Privacy Policy Summary

Data Controller

COFIDES (Compañía Española de Financiación del Desarrollo, COFIDES, S.A, S.M.E.)

  • Paseo de la Castellana, 278 - 28046 Madrid (Spain)
  • Telephone: 91 562 60 08

If you would also like to contact the department in charge of ensuring compliance with regulations concerning data protection, you can do so via this email address:


Purposes of the processing

The services provided by COFIDES are directed at other organisations, that is, they are B2B services.


Therefore, we mainly process personal data with the following purposes:

  • Providing services to Customers, and when dealing with Vendors and Collaborating partners.
  • Answering the queries submitted by people interested in COFIDES' products or services.
  • Sending information, usually by email, about new products, services and events organised by COFIDES or in which COFIDES participates, which are related to the services we provide.
  • Processing candidate data applying for a job, to include them in our job selection processes.
  • Attending to requests, suggestions and complaints through the Complaint Channel.
  • Comply with our legal obligations as an obligated subject derived from money laundering regulations.
Lawfulness of processing

In order for the personal data processing to be lawful, this processing must be based on legal grounds. In the case of COFIDES, the main legal grounds are:

  • The contractual or pre-contractual relationship between the parties for the provision of mutual services.
  • The consent, in the case of candidates who send us their CVs through the Employment section of our website. The consent, in the case of people who, regardless of their relationship with COFIDES, subscribe to our newsletters.  And also for sending requests through the Complaint Channel.
  • The legitimate interest of COFIDES to provide information about its services, through commercial communications, as enabled by the Spanish e-Commerce Law and to respond to queries made by interested parties through the forms on the various COFIDES websites.
  • Legal obligation derived from RDL 7/2021 on money laundering.
Data recipients We may disclose data to third parties, that are necessary to provide the service agreed with our Customers, mainly to investing entities that participate or collaborate with COFIDES in the projects, as well as to state control agencies (SEPBLAC) in compliance with our obligations regarding the prevention of money laundering.
Data retaining

COFIDES will retain the data related to providing or receiving the service from COFIDES while the provision of the service lasts and, once ended, until the term for prescription of legal actions ends (5 years, in general, but longer periods may be given depending on the regulations that apply, e.g. in the case of money laundering regulations the periods are up to 10 years).

In the case of data from candidates, it is retained for a maximum period of three years.

In the case of the Complaint Channel or other contact mechanisms through the COFIDES-owned websites, when the question posed is resolved, unless the data must be kept blocked for compliance with legal obligations. 

Rights of the data subjects

The data subjects can exercise their rights of access, rectification and erasure, as well as the other rights specified in the privacy policy through the Complaint Channel.

  • If you do not receive a satisfactory response regarding the exercise of your rights, you may bring a claim before the Spanish Data Protection Agency.
More information

To access further information, you can read our full privacy policy, available below.


Who is the Controller of the processing of your personal data?

Compañía Española de Financiación del Desarrollo, COFIDES, S.A, S.M.E., (COFIDES), is the owner of this website and the Controller of the processing of your personal data.

You may view the company details of COFIDES in the Legal Disclaimer of this Website.

For what purposes do we process your personal data?

The data requested by COFIDES are collected and processed for the purposes of management, administration, provision, extension and improvement of the services provided by the company. Specifically, COFIDES collects and processes personal data for the various purposes described below:

•    If you provide your information through any medium including any form on the COFIDES website, including the Complaint Channel, the data provided by you will be used by COFIDES to respond to and follow up your query.  
•    If you are a Potential Customer or Customer of COFIDES, regardless of the manner and/or the medium through which you provide your information to us, including any form on our website, COFIDES will process your data for the purpose of evaluating the participation of COFIDES in the transaction according to the requirements applying to such transactions. In addition, as the party requesting financial support for the transaction, you warrant to COFIDES that you have obtained consent from the members of the company management whose curriculum vitae you provide for assessment purposes, should this be requested. COFIDES will also process your data to comply with our anti-money laundering obligations. 
•    If you are a Vendor offering products or providing services to COFIDES, the data provided by you through any contact medium will be used by COFIDES to respond to your product or services offers and to manage, where applicable, the contractual relationship with COFIDES.
•    If you are a Customer, Potential customer, Collaborating partner or Vendor, Project Manager or Consultant, the data provided by you, and specifically your email address may be used by COFIDES for the purpose of keeping you updated on the institutional events organised by the company.
•    If you offer yourself as a candidate for future or current recruitment processes, we advise you that COFIDES will only incorporate to its databases the CVs submitted via our website. The data provided by you in your CV will be processed for the purpose of considering you for future recruitment processes.
•    If you provide your personal data through the transparency form, COFIDES will process your data for the purpose of responding to your request.

For how long do we retain your data?

If you are a Potential Customer, Customer, Vendor or Collaborating Partner, the retention time for your personal data will depend on the duration of the project or the pre-contractual and/or contractual relationship with COFIDES.

The personal data provided by you for project management purposes will be retained for the duration of the project to which the query is related and for the period of time during which the legal obligations deriving from it persist, including under money laundering legislation.

If you are a Vendor or Collaborating Partner, the data retention time will likewise depend on the duration of the project and/or the contractual relationship with COFIDES.

For data provided through the Contact sections of the website, the data retention period will depend on the specific project to which the query refers, and on whether it is related to information on an ongoing project. If the query is not related to an ongoing project, the data will be canceled once the query has been resolved.

For data provided through the Complaint Channel, the data will be canceled once the issue involved has been addressed.

In the case of the Complaint Channel, for the same previous period, when the question posed is resolved, unless the data must be kept blocked for compliance with legal obligations.

The data provided by you in your curriculum vitae as a potential candidate will be retained for three years.

If you have any questions or issues requiring clarification, please contact us at the email address provided in the Rights section.  

What are the legal grounds for the processing of your data?

Please note that all the information you provide to COFIDES must be true. When providing data, you warrant their truthfulness; otherwise you will be liable for any damages incurred by COFIDES or by third parties arising from the failure on your part to provide true data.

The legal grounds for the processing by COFIDES of your data provided through the forms on the website will be your express consent, given by checking the box confirming that you accept the Policy and the processing of your data for the purposes described in the present Policy.  

If you are a Potential Customer, Customer, Vendor or any party with which COFIDES maintains a negotiation, pre-contractual and/or contractual relationship, the performance of the associated contract or pre-contractual relationship will constitute the legal grounds for the data processing carried out with the scope required to allow such contract performance or pre-contractual relationship.

In the case of processing derived from money laundering regulations, the legal basis is the obligation that applies to COFIDES in compliance with RDL 7/2021.

In the event of commercial communications sent through email, regarding products, services and events provided by COFIDES, the lawfulness of the processing will be based on the legitimate interest of COFIDES. This processing is enabled by the article 21.2 of the Law 34/2002 on Information Society Services and eCommerce (Ley 34/2002 de Servicios de la Sociedad de la Información y de Comercio Electrónico). Likewise, the legal basis is also the legitimate interest of COFIDES and of the owner of the data to be able to respond to the queries made through the contact forms on the different websites owned by COFIDES.

In addition, in case that the data subject joins any event organised by COFIDES, the legitimate interest that exists for the processing of such data will be the necessity to organise the amount of attendants, in order to control the capacity of the event, as well as their enrollment in it. 

To which recipients are your personal data disclosed?

If you are a Potential Customer or Customer, your data may be disclosed to other entities involved in the financing of the transaction to which your query refers, depending on the support requested. Such entities will process your data for the purpose of participating in the project management process carried out by COFIDES. In this regard, you are hereby advised that COFIDES is the manager of the fund for investment abroad Fondo para la Inversión en el Exterior, F.C.P.J. (FIEX) and of the fund for investment abroad by small and medium-sized companies Fondo para Operaciones de Inversión en el Exterior de la Pequeña y Mediana Empresa, F.C.P.J. (FONPYME). In addition, it supports the management of the FONPRODE fund and is accredited before various international bodies as a fund manager. Therefore, COFIDES may disclose your data to decision-making members of the funds under management, as well as to any other public body related to the activities of COFIDES. The disclosure of your data may likewise be required in compliance with the financial asset regulations applying to the transaction involved given the public nature of such assets. As well as to money laundering regulatory control bodies such as SEPBLAC without such communication requiring the data owner to be informed. 

To view all the activities carried out by COFIDES, click on this link: Corporate information.

If the data will be disclosed to other companies or bodies not directly related to the transactions and service provision requested by the Potential Customer or Customer, COFIDES will request the data subject’s prior consent for such purpose, indicating who the data will be disclosed to, and for what purpose, excepting data disclosures required by law.

We likewise advise you that COFIDES outsources its office IT infrastructure to Microsoft through cloud computing in accordance with the EU-US Privacy Shield Agreement and EU Model Clauses. Therefore, Microsoft is the Data Processor for COFIDES.

What are your rights when you provide your data to us?

As the subject of the personal data, you may exercise the following rights under the terms set forth in the General Data Protection Regulation:

•    Right to request access to your personal data.
•    Right to request their rectification and erasure.
•    Right to restrict the restriction of their processing.
•    Right to object to their processing.
•    Right to data portability.

In addition, if your personal data were collected on the grounds of your consent as the data subject, you have the right to withdraw such consent at any time.
The above rights may be exercised by sending a request, by any means providing proof of sending and receipt, to COFIDES, Compañía Española de Financiación del Desarrollo, COFIDES, S.A, S.M.E.: Protección de Datos de COFIDES, Paseo de la Castellana, 278; 28046 Madrid (Spain), or through the COFIDES Complaint Channel.

If you do not receive a satisfactory response regarding the exercise of your rights, you may bring a claim before the Spanish Data Protection Agency.

Commercial Communications

Whether you receive communications about our products and services because you explicitly decided to subscribe to our newsletters, or because you are a Customer, Vendor or Collaborating Partner of COFIDES, you may at any time unsubscribe from the service through the communications themselves, or through the COFIDES Complaint Channel, with “Unsubscribe” in the subject line.

Unsubscribing from commercial communications from COFIDES will not affect, in any case, the contractual relationship between you and COFIDES. Therefore, you will continue to receive communications regarding the existing service between the parties. 

Security and Confidentiality

COFIDES has implemented the technical and organizational measures required to prevent the loss, misuse, unauthorised access to or theft of the data processed in the files owned by the company, and it contracts vendors that provide the required assurances regarding their processing of data in a Data Processor capacity.

As the potential recipient of email messages sent from COFIDES, we advise you that the information contained in the emails sent by COFIDES is confidential and solely intended for the addressee indicated in the header. Should the recipient of any communication not be the addressee, we kindly ask them to promptly report this to us and destroy the message received together with any attachments. Any unauthorised disclosure, copying, distribution or use of the information contained in the email is forbidden by law.


Cookies are alphanumeric identifiers that are transferred to your computer´s hard drive through your web browser to enable COFIDES’s systems to recognise your browser when you visit the website again, making it easier to browse the website. Cookies allow the use of the website’s personalised features. We therefore recommend that you keep them enabled. However, if they so wish, users can configure their computer to prevent new cookies from being installed. Most browsers provide information on how to prevent the acceptance of new cookies, how to get the browser to inform you if new cookies are received, and how to disable cookies completely. To do so, go to the “help” section on the browser toolbar. For more information, go to our cookies policy.

Effective term and changes to the present data protection policy

The first COFIDES Privacy Policy came into effect in 2007, with the most recent update occurring on November 15th, 2021. COFIDES reserves the right to change its data protection policy should there be any changes in the applicable legislation, case law doctrine, or our own company policy. If any changes are made to this policy, the new version will be posted on this same URL.