General Privacy Policy of the Unified Website Platform
The webmaster of the Unified Website Platform highly values your privacy and data protection. We assume that you have read this Privacy Policy which requests your consent to the processing of your personal data before the provision of such personal data and that you agree to the processing of your data.
Public administration is committed to ensuring openness and transparency, therefore this Privacy Policy describes the methods and purposes for the processing of the personal data transferred by you for processing on the Unified Website Platform. Before processing personal data, we evaluate the lawfulness of the data processing activity. We process personal data based on official mandate and legal obligations related thereto.
The Privacy Policy of the Unified Website Platform aims to provide general information on the personal data processing activities organised and performed by the State Chancellery in accordance with the principles of personal data processing provided in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter – GDPR).
The personal data controller of the Unified Website Platform is the State Chancellery. The personal data processors of the Website Platform are the institutions whose websites are placed on the Unified Website Platform, the maintainer of the platform is the State Digital Development Agency (SDDA), the Web host is the Information Centre of the Ministry of the Interior (ICMI), and the technical service provider is the Latvia State Radio and Television Centre (LSRTC).
On the Unified Website Platform, your personal data shall be processed for the achievement of the legal interests of State administration institutions, the fulfilment of obligations specified in legal acts, the fulfilment of contractual obligations, the provision of information to the public, and also other abovementioned purposes.
The legal basis for the processing of personal data within the scope of the services managed on the Unified Website Platform is provided in the following legal acts:
- Section 10 of the State Administration Structure Law
- Cabinet Regulation No. 399 of 4 July 2017, Procedures for Accounting, Quality Control and Provision of State Administration Services
- Cabinet Regulation No. 402 of 4 July 2017, Regulations Regarding the Public Administration E-services
- Cabinet Regulation No. 445 of 14 July 2020, Procedures for Publishing Information on the Internet by Institutions
Employees of the parties involved in the operation of the Unified Website Platform will only process personal data for the performance of their official duties or on behalf of or under the instruction of the institutions in compliance with the basic principles of personal data processing and confidentiality requirements set out in the institution’s internal documents.
An employee may not process personal data obtained during the performance of official duties for his or her own or other persons’ personal purposes. When processing personal data within the scope of their official duties, the personal data processors will minimise the risk of personal data coming into possession of unauthorised persons as a result of actions or omissions.
On the Unified Website Platform, your personal data is processed in accordance with the confidentiality requirements and by ensuring the security of the data in held by the Unified Website Platform. The personal data processors of the Unified Website Platform take various security measures to prevent unauthorised access to your data, disclosure of data or other inappropriate use of personal data. Based on the applicable level of security, proper processing and storage of data, and also data integrity is ensured. Proportionate and appropriate physical, technical, and administrative procedures and means to protect the personal data collected and processed on the platform are used accordingly. Security measures are constantly improved in accordance with the applicable security requirements and by complying with the relevant data protection principles, and to the extent necessary for the data processing purposes.
Personal data are protected with means of data encryption, firewall and other data network security breach detection solutions. The personal data processors of the Unified Website Platform ensure the confidentiality of data and take appropriate technical and organisational measures to protect personal data against unauthorised access, unlawful processing, disclosure, accidental loss, distribution or destruction in compliance with appropriate data protection principles and to the extent necessary for the data processing purposes. Personal data protection measures are constantly improved and enhanced to prevent a decrease in the level of personal data protection.
Principles for the protection of personal data apply to:
- the personal data processed in the information technology infrastructure (servers, local computer networks, and application software);
- the personal data transmitted in the data transmission network, if any;
- the information systems used for the provision of work which are administered by the institutions whose websites are placed on the Unified Website Platform;
- the electronic documents developed, registered and in circulation containing personal data.
You may withdraw your consent (if such has been requested from you and you have given it) to the collection, processing, and use of your personal data at any time. The personal data controller of the Unified Website Platform will assess your claims based on its legal interests. If the personal data are no longer needed for the pre-defined processing purposes, they will be deleted.
The webmaster of the Unified Website Platform is responsible for the personal data processing and processes personal data with means that must prevent the misuse, unauthorised disclosure, and alteration of personal data.
In order to improve the communication of State administration institutions, the personal data controller monitors the received personal data. Such data may be used in an aggregated form to draw up review reports that can be disseminated between the State administration institutions of Latvia. Reports are anonymised and do not contain any personal data.
The Unified Website Platform contains access data of the registered and public users, usernames, information selection parameters, traffic information, and Internet Protocol (IP) access address information. The Unified Website Platform uses cookies to provide information on visitor activity, visited pages, sources, and time spent on the site. This information is collected to improve the ease of use of the website and collect information on the interests of visitors in order to ensure that the best possible service is provided to you. Only the minimum amount of personal data that is necessary to achieve the processing purpose is processed.
Your personal data are stored on the websites only for as long as it is necessary for the purposes for which they were collected. The personal data processors of the Unified Website Platform who have access to such data are trained to handle them properly and in accordance with the regulatory data security framework.
Personal data are stored for as long as there is a legal obligation to store personal data. At the end of the data storage period, the data will be securely deleted or depersonalised so that they can no longer be attributed to the data subject.
The personal data stored on the Unified Website Platform is considered restricted access information and can only be disclosed to third parties in the cases and in accordance with the procedures, and to the extent specified in legal acts or concluded agreements. When transferring personal data to the contractual partners of the Unified Website Platform (independent controllers), additional provisions for the processing of personal data are be included in the agreements.
Websites contain links to other sites which have different terms of use and personal data protection rules.
The cooperation between the institutions involved in the implementation of the Unified Website Platform is governed by the adopted legal acts. If you have any questions or complaints relating to the processing and protection of personal data in the Unified Website Platform, please contact the State Chancellery by sending an e-mail to pasts@mk.gov.lv or the responsible personal data controller of the State Chancellery Aldis Apsītis (e-mail address: aldis.apsitis@mk.gov.lv).
The person responsible for the processing of personal data on the website [link of your institution’s website, for example www.mk.gov.lv] is [given name, surname of the responsible personal data controller of your institution] (e-mail address: [e-mail of the responsible personal data controller]).
Data subjects have the right to submit complaints regarding the use of personal data to the State Data Inspectorate (www.dvi.gov.lv) if the subject believes that the processing of his or her personal data violates his or her rights and freedoms in accordance with the applicable laws and regulations.