Published: 05.03.2024.
Translated by machine translator

General Privacy Policy of the Single Website Platform

Your privacy and data protection are very important to the manager of the single platform for websites. We assume that if you read this policy regarding the consent requested from you in connection with the processing of your personal data, you have read this notice before submitting your personal data and have accepted the processing of this data.

Public administration advocates openness and transparency, so by passing on our personal data to us, we have described how and for what purposes personal data are processed on the single platform of websites. Before processing personal data, we assess the lawfulness of the data processing operation. We process personal data on the basis of official mandates and related legal obligations.

The purpose of the privacy policy of the single platform for websites is to provide general information on the processing of personal data organised and carried out by the State Chancellery, in accordance with the principles of the processing of personal data set out in Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General data Protection Regulation) (hereinafter GDPR).

The controller of personal data of the single platform of websites shall be the State Chancellery (VC). The personal data controllers of the website platform are the institutions of the websites included in the platform, the platform keepers - the State Regional Development Agency (VRAA), hosts on technical resources - the information Centre (IeMIC) of the Ministry of the Interior and providers of technical services - the State Radio and Television Centre of Latvia (LVRTC).

On the single platform of the websites, your personal data will be processed in conformity with the realization of the legal interests of the State administrative institutions, fulfilment of the obligations laid down in laws and regulations, fulfilment of the obligations laid down in the agreements, ensuring of public information, as well as other intended purposes.

The legal basis for the processing of personal data performed within the framework of the services managed by the single platform of websites shall be determined by the following regulatory enactments:

Staff of the parties involved in the operation of the single platform of websites shall process personal data only for the performance of their functions or on behalf of the authorities or within the framework of a mandate, subject to the basic principles and confidentiality requirements for the processing of personal data laid down in the internal documents of the Authority.

An employee is prohibited from processing personal data obtained in the performance of his or her duties for his or her personal purposes or for the personal purposes of other persons. Personal data controllers shall minimise the risk of personal data being placed at the disposal of unauthorised persons as a result of an act or omission when processing personal data in the context of their functions.

On the single platform of websites, your personal data is processed in compliance with privacy requirements and taking care of the security of the data we have. Website Unified Platform personal data controllers use various security measures to prevent unauthorized access to your data, data disclosure, or other improper use of personal data. Adequate data information processing, storage, data integrity with an appropriate level of security shall be ensured. Under this, we use proportionate and appropriate physical, technical and administrative procedures and means to protect the personal data information we collect and process. The security measures implemented shall be continuously improved in accordance with the security requirements. taking into account appropriate data protection security measures and to the extent necessary for data processing purposes.

We implement personal data protection with data encryption features, firewall protection, and other data network security breach detection solutions. Data controllers of the single platform of websites shall ensure the confidentiality of data and shall implement appropriate technical and organisational measures to protect personal data from unauthorised access, unlawful processing, disclosure, accidental loss, dissemination or destruction, subject to appropriate data protection safeguards, and to the extent necessary for data processing purposes. Personal data security measures are constantly being improved and improved in order not to reduce the level of protection of personal data.

The protection of the processing of personal data shall be ensured by:

  • personal data processed in it infrastructure (servers, local computer networks and software applications);
  • personal data, if any, transported over the data transmission network;
  • the information systems used to ensure work, administered by the authorities involved in the single platform of websites;
  • electronic documents drawn up, registered and in circulation containing personal data.

You have the right to withdraw consent (if any of you are requested and have given it) at any time for the collection, processing and use of your personal data. The personal data manager of the website Unified Platform will assess your claims in accordance with your legal interests. If personal data is no longer required for the purposes of processing defined above, it will be deleted.

The controller of the single platform of websites shall be responsible for and process personal data by means which shall prevent the misuse, unauthorised disclosure and alteration of personal data.

To improve communication between public administrations, the controller of personal data monitors the received personal data. These data may be used in aggregated form to create review reports, which may be disseminated to the State administration in Latvia. Messages are anonymized and do not include personal data.

Access data, user names, information selection parameters, traffic information and Internet Protocol (IP) access address information for registered and public users shall be available on the single platform of websites. Single platforms on websites use cookies that allow you to see information about visitor activities, page views, sources, and time spent on the site. We get this information to improve the convenience and interest of website visitors to make sure you get the best service possible. The processing of personal data shall be carried out to the minimum extent possible, only for the purpose of the processing.

We store your personal data on websites only for as long as necessary for the purposes for which they were collected. The data controllers of the single platform of websites with access to this data shall be trained to handle it appropriately and in accordance with the regulatory data security framework.

Personal data shall be stored as long as there is a legal obligation to keep personal data. After the data storage period has ended, the data is safely deleted or depersonalized so that it can no longer be linked to the data subject.

Personal data held by the single platform of websites shall be regarded as restricted access information and shall be disclosed to third parties only in the cases, procedures and amounts specified in legal acts or entered into contracts. When transferring personal data to contractual partners (independent controllers) of the single platform of websites, additional provisions on the processing of personal data are incorporated into the contracts.

Websites link to other sites that have different usage and personal data protection rules.

The institutions involved in the implementation and cooperation of the website platform shall cooperate with each other on the basis of the laws and regulations concluded. If you have any questions or claims regarding the processing and protection of personal data, notify the State Chancellery by email to the vk@mk.gov.lv where the information you have submitted will be recorded and evaluated, or contact the person responsible for the processing of personal data designated at the State Chancellery. Responsible person data Manager is Alde Apsītis email address: aldis.apsitis@mk.gov.lv. Data subjects have the right to submit complaints regarding the use of personal data for the State Inspectorate of data (www.dvi.gov.lv) if the subject considers that the processing of his or her personal data violates his or her rights and freedoms in accordance with the applicable laws and regulations.

The Single Website Platform uses cookies, by warning the website users and visitors thereof.

The Single Website Platform uses cookies to comply with the obligation specified in Clause 23 of the Cabinet Regulation of 4 July 2017 No. 399 “Procedures for the Accounting and Provision of Quality Control of Public Administration Services”, as well in Section 10 of the Public Administration Structure Law to obtain attendance and usage statistics in order to improve your convenience of use of the Single Website Platform. We ensure that you can read the Cookie Policy and make a choice on whether to give your consent to the collection of statistics.

Cookies are small text files, sent to your computer’s memory when visiting a website. During each next visit cookies are sent back to the website of origin or to any other website recognising the cookies. Cookies operate as memory of the particular website, enabling the site to remember your computer during next visits, including that cookies may remember your settings or improve user convenience.

The cookies used can be divided into technologically necessary cookies, without which the performance of the service is technologically impossible or significantly difficult, and analytically statistical cookies.

By using the website, you agree that the analytical statistical cookies placed on this website are used for the purpose of improving the quality of services in compliance with the principles of public administration described in Section 10 of the Public Administration Structure Law that public administration is organised in a way that is as convenient as possible and accessible to an individual, as well as an the obligation of the public administration to improve the quality of services provided to the public, to simplify and improve procedures for the benefit of natural persons.

The website uses the following cookies:

  1. Required:
  • SESSdb34877a4022e0a5c40d60cffaeb5307 This cookie is only required for content administrators for authentication.
  • maintenance_message - This cookie is required for all users to prevent the content or platform administrator's notifications from reappearing (those which the content user has read and clicked the "Close" button).
  • allowCookies - This cookie determines whether you have agreed to the terms of use of cookies and whether to display a statement about the use of cookies in the future.
  1. Statistics:

This webpage uses the application “Google Analytics” made by the company Google Inc., using cookies that are stored on your computer to enable analysis of how you use the relevant webpage. The information established by the cookies about how you use the webpage is sent to the Google server in the USA and stored there. Your IP address, when applying IP anonymisation, is shortened within the territory of the European Union or the European Economic Area and may only be delivered for processing to Google servers located in the USA in exceptional cases. Google uses the information in order to assess how you use the particular webpage, in order to prepare reports for webpage providers about activities on the relevant webpages and to provide other services related to the use of webpages and the internet. Google shall never link the IP address received here with any other information being at the disposal of Google. In case of need, Google provides this information to third parties, if it is stipulated in the law or if third persons perform the processing of such data on the assignment of Google.

  • _ga, _gat, _gid - These three cookies are required for all users to allow traffic data to be passed to the google analytics statistics collection tool.

If you do not accept the use of statistics cookies, traffic data will not be included in google analytics statistics.

  1. Social media:
  • _cfduid - This cookie is required for all users to share a content item on their social networks.

You can change or delete your cookie settings in your web browser settings. We add links to cookie management information resources for the most popular browsers:

More information on how to control cookies according to your device's browser can be found at: www.aboutcookies.org.

  1. General provisions
  • The purpose of the Culture information systems Centre (Centre) privacy policy is to inform and provide an explanation of how the Centre looks after and protects personal data at its disposal, namely to help understand how and for what purposes the data are processed and to familiarise the data subject with his rights and obligations.
  • The Centre shall ensure the confidentiality of personal data and shall implement appropriate technical and organisational measures for the protection of personal data from unauthorised access, unlawful processing or disclosure, accidental loss, alteration or destruction in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General data Protection Regulation).

 

  1. Identity and contact details of the controller:
  • Manager - Centre for Culture Information Systems Centre Reg. No 90001708717
  • Contact information: Terbatas Street 52-1, Riga, LV-1011, telephone: 67843084, email address: info@kis.gov.lv.

 

  1. Contact details of the data Protection Officer:
  • For communication with the Centre Defence Officer, please write to: dati@kis.gov.lv
  • We inform you that this e-mail address is not intended for requests for information regarding the processing of the personal data of a particular person at the Centre, in which case you must write a self-signed application and appear at the Office with a personal identification document (passport or ID card), or send an electronically signed application to the e-mail info@kis.gov.lv, or use the e-address offered by the www.Latvija.lv for communication with the national regulatory authorities.

 

  1. Categories of personal data:
  • Personal data are collected from both the data subject and external sources, such as the data subject's workplace. Categories of personal data which are mostly but not exclusively collected and processed by the Centre shall be:
  1. identification data - given name, surname, personal identity number, date of birth;
  2. contact information – address, telephone number, e-mail address;
  3. professional data – education, position, place of work;
  4. personal data of the special category - data of the mandatory health inspection of employees;
  5. data obtained and/or generated in the performance of the duties laid down in laws and regulations;
  6. data obtained from taking photographs, video recordings or audio recordings at event venues.

 

  1. Purposes and legal basis for the processing of personal data:
  • As a direct administration institution, the Centre shall process personal data in order to fulfil the functions, tasks and rights of the Centre specified in regulatory enactments.
  • The Centre shall process personal data for the following purposes:
  1. personnel management purposes, including personnel selection;
  2. for document management purposes;
  3. the performance of the duties specified in regulatory enactments;
  4. the operation and administration of information and communication systems;
  5. maintaining and improving the operation of websites;
  6. the establishment and performance of contractual relations;
  7. the protection of legitimate interests;
  8. organisation of events.
  • Legal bases for processing personal data at the Centre:
  1. performance of duties, functions and tasks specified in regulatory enactments;
  2. the performance of contracts or the taking of measures at the request of the data subject prior to the conclusion of the contract for the conclusion and performance of the contract;
  3. the consent of the data subject;
  4. Protection of the legal interests of the Centre.

 

  1. Recipients of personal data or categories of recipients
  • The recipients of personal data shall be the Centre and its authorised persons (employees and providers of external service), State and local government institutions, data subject regarding himself or herself, institutions involved in the supervision of European Union funds for the performance of the duties specified in regulatory enactments, law enforcement or supervisory authorities, courts in the cases specified in regulatory enactments.
  • Personal data shall not be transferred to recipients who are not subjects of the European Union or of the European Economic area.

 

  1. Shelf life
  • Personal data shall be processed for as long as is necessary for the purpose of processing personal data.
  • The period of retention of personal data shall be based on the applicable laws and regulations, agreements concluded by the Centre, the legitimate interests of the Centre, the consent of the data subject to the relevant processing of personal data.
  • At the end of the processing of personal data for purposes, personal data shall be erased if there are no other legally justified purposes for the processing of personal data.
  • All information obtained during the recruitment contest will be kept, in whole or in part, for a maximum of two years for applicants in order to ensure the Centre's legitimate interest in contacting potential applicants or in maintaining evidence in the event of dispute resolution. In the event that the Centre receives complaints about a particular recruitment process, all information processed during the recruitment process will be retained for as long as necessary for that process.

 

  1. Principles for data processing
  • The Centre shall process the received personal data in good faith, lawfully (within the framework specified by regulatory enactments) and ensure access thereto only to the relevant data subjects, data processors, as well as third parties provided for in regulatory enactments.
  • The security and management of processing processes shall be organised in accordance with the security requirements of State information and communication technologies specified in regulatory enactments, technological and management security shall be regularly inspected and controlled within the framework of external audits (including intrusion audits).

 

  1. Rights of the data subject
  • The data subject shall have the right to:
  1. access their personal data and request the rectification of their personal data if they are inappropriate, incomplete or incorrect;
  2. receive their personal data when processed, in written form or in one of the most commonly used electronic formats;
  3. require the transfer of personal data to another service provider (data portability) where possible;
  4. restrict the use of their personal data in accordance with applicable laws and regulations;
  5. to submit complaints regarding the use of personal data by the supervisory authority - the State Inspectorate of data (www.dvi.gov.lv), if the data subject considers that the processing of personal data violates his or her rights and interests in accordance with the applicable laws and regulations.

 

  1. Cookie policy
  • The www.kis.gov.lv cookie policy of the Centre's website is defined in the privacy policy of the Common Platform for websites.
  • In the case of questions concerning the use of cookies, please e-mail to the dati@kis.gov.lv.