In compliance with Regulation (EU) 2024/1689 (AI Act) — particularly Articles 13, 50 and 52 — and Article 22 GDPR, BMC discloses below the AI uses in its processes, the purposes, categories of data processed, and your rights as an affected data subject.
AI uses at BMC
1. AI phone receptionist
AI Act Art. 50.1 + 50.3
Purpose:
Receive calls to our switchboards (Madrid, Murcia, Alicante, Las Palmas), collect the call reason and contact details, and route to the appropriate professional.
Data categories:
Call audio (transcribed to text), incoming phone number, enquiry reason, contact details voluntarily provided by the caller.
Tone analysis:
Basic adaptation of cadence and register of the assistant. Not individual emotion identification, not stored for other purposes.
Transparency:
The assistant identifies itself as AI at the start of every conversation (Art. 50.1 AI Act).
Right to a human:
You may request transfer to a human operator at any time by saying so expressly.
Retention:
Recordings and transcripts are kept for quality and audit purposes per the periods described in the Privacy Policy; contact metadata is added to the CRM under the processing described there.
2. Classification and routing of inbound enquiries
GDPR Art. 22 — no legal effect
Purpose:
Classify inbound enquiries (web form, email, voice lead) by practice area (tax, legal, labour, accounting, strategic) and assign initial response priority.
Data categories:
Enquiry text, contact details provided, lead source.
Logic applied:
Topic-similarity classification against predefined areas. No credit scoring, no individual profiling, no decisions on client acceptance or rejection.
Human intervention:
The final decision on assignment, priority and fee proposal is always made by a qualified human professional.
AI Act categorisation:
Not a high-risk system (not included in Annex III of EU Regulation 2024/1689).
3. Internal drafting assistance for communications
Internal use — mandatory human review
Purpose:
Support the professional team in drafting initial drafts of emails, proposals and administrative templates.
Data categories:
Text supplied by the professional to the tool to generate the draft.
Human review:
All communications sent to a client, third party or public authority are reviewed and validated by a human professional before sending. AI never acts autonomously on your file.
Sensitive data:
For matters with especially sensitive information (health data, AML cases, trade secrets) BMC uses exclusively closed environments that do not send data to third parties.
What we do NOT do
We do not perform automated credit scoring or solvency assessments (Annex III.5.b AI Act).
We do not use AI for personnel hiring decisions (Annex III.4 AI Act).
We do not perform biometric identification of natural persons (Annex III.1 AI Act).
We do not take legal or tax decisions in an automated manner producing legal or significant effects on you (Art. 22.1 GDPR).
We do not sell or transfer to third parties data processed by AI for advertising or commercial purposes outside BMC.
Your rights
As a person whose data may be processed by these systems, you have the following specific rights regarding AI:
Detailed information about the AI systems and the logic applied in each specific case affecting you (Art. 13.2.f and 14.2.g GDPR).
Human intervention in any automated assessment affecting you (Art. 22.3 GDPR).
To express your point of view and contest the decision.
To request that your case NOT be processed by AI systems and instead be handled exclusively by human intervention.
Last updated: 12 May 2026. BMC updates this information when it incorporates, modifies or retires AI uses. For additional technical detail on providers or specific safeguards, please contact the DPO indicating the scope of your request.