General Privacy Policy of the Single Website Platform
Your privacy and data protection are very important to the manager of the single platform for websites. We assume that if you read this policy regarding the consent requested from you in connection with the processing of your personal data, you have read this notice before submitting your personal data and have accepted the processing of this data.
Public administration advocates openness and transparency, so by passing on our personal data to us, we have described how and for what purposes personal data are processed on the single platform of websites. Before processing personal data, we assess the lawfulness of the data processing operation. We process personal data on the basis of official mandates and related legal obligations.
The purpose of the privacy policy of the single platform for websites is to provide general information on the processing of personal data organised and carried out by the State Chancellery, in accordance with the principles of the processing of personal data set out in Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General data Protection Regulation) (hereinafter GDPR).
The controller of personal data of the single platform of websites shall be the State Chancellery (VC). The personal data controllers of the website platform are the institutions of the websites included in the platform, the platform keepers - the State Regional Development Agency (VRAA), hosts on technical resources - the information Centre (IeMIC) of the Ministry of the Interior and providers of technical services - the State Radio and Television Centre of Latvia (LVRTC).
On the single platform of the websites, your personal data will be processed in conformity with the realization of the legal interests of the State administrative institutions, fulfilment of the obligations laid down in laws and regulations, fulfilment of the obligations laid down in the agreements, ensuring of public information, as well as other intended purposes.
The legal basis for the processing of personal data performed within the framework of the services managed by the single platform of websites shall be determined by the following regulatory enactments:
- Section 10 of the State Administration Structure Law
- Cabinet of Ministers Regulation No. 399 of 4 July 2017,"Procedures for the Accounting of State Administration services, provision of quality Control"
- Cabinet Regulation No. 402 of 4 July 2017, Regulations regarding eServices of the State Administration
- Cabinet of Ministers Regulation of 14 July 2020, procedures by which institutions place information on the Internet
Staff of the parties involved in the operation of the single platform of websites shall process personal data only for the performance of their functions or on behalf of the authorities or within the framework of a mandate, subject to the basic principles and confidentiality requirements for the processing of personal data laid down in the internal documents of the Authority.
An employee is prohibited from processing personal data obtained in the performance of his or her duties for his or her personal purposes or for the personal purposes of other persons. Personal data controllers shall minimise the risk of personal data being placed at the disposal of unauthorised persons as a result of an act or omission when processing personal data in the context of their functions.
On the single platform of websites, your personal data is processed in compliance with privacy requirements and taking care of the security of the data we have. Website Unified Platform personal data controllers use various security measures to prevent unauthorized access to your data, data disclosure, or other improper use of personal data. Adequate data information processing, storage, data integrity with an appropriate level of security shall be ensured. Under this, we use proportionate and appropriate physical, technical and administrative procedures and means to protect the personal data information we collect and process. The security measures implemented shall be continuously improved in accordance with the security requirements. taking into account appropriate data protection security measures and to the extent necessary for data processing purposes.
We implement personal data protection with data encryption features, firewall protection, and other data network security breach detection solutions. Data controllers of the single platform of websites shall ensure the confidentiality of data and shall implement appropriate technical and organisational measures to protect personal data from unauthorised access, unlawful processing, disclosure, accidental loss, dissemination or destruction, subject to appropriate data protection safeguards, and to the extent necessary for data processing purposes. Personal data security measures are constantly being improved and improved in order not to reduce the level of protection of personal data.
The protection of the processing of personal data shall be ensured by:
- personal data processed in it infrastructure (servers, local computer networks and software applications);
- personal data, if any, transported over the data transmission network;
- the information systems used to ensure work, administered by the authorities involved in the single platform of websites;
- electronic documents drawn up, registered and in circulation containing personal data.
You have the right to withdraw consent (if any of you are requested and have given it) at any time for the collection, processing and use of your personal data. The personal data manager of the website Unified Platform will assess your claims in accordance with your legal interests. If personal data is no longer required for the purposes of processing defined above, it will be deleted.
The controller of the single platform of websites shall be responsible for and process personal data by means which shall prevent the misuse, unauthorised disclosure and alteration of personal data.
To improve communication between public administrations, the controller of personal data monitors the received personal data. These data may be used in aggregated form to create review reports, which may be disseminated to the State administration in Latvia. Messages are anonymized and do not include personal data.
Access data, user names, information selection parameters, traffic information and Internet Protocol (IP) access address information for registered and public users shall be available on the single platform of websites. Single platforms on websites use cookies that allow you to see information about visitor activities, page views, sources, and time spent on the site. We get this information to improve the convenience and interest of website visitors to make sure you get the best service possible. The processing of personal data shall be carried out to the minimum extent possible, only for the purpose of the processing.
We store your personal data on websites only for as long as necessary for the purposes for which they were collected. The data controllers of the single platform of websites with access to this data shall be trained to handle it appropriately and in accordance with the regulatory data security framework.
Personal data shall be stored as long as there is a legal obligation to keep personal data. After the data storage period has ended, the data is safely deleted or depersonalized so that it can no longer be linked to the data subject.
Personal data held by the single platform of websites shall be regarded as restricted access information and shall be disclosed to third parties only in the cases, procedures and amounts specified in legal acts or entered into contracts. When transferring personal data to contractual partners (independent controllers) of the single platform of websites, additional provisions on the processing of personal data are incorporated into the contracts.
Websites link to other sites that have different usage and personal data protection rules.
The institutions involved in the implementation and cooperation of the website platform shall cooperate with each other on the basis of the laws and regulations concluded. If you have any questions or claims regarding the processing and protection of personal data, notify the State Chancellery by email to the vk@mk.gov.lv where the information you have submitted will be recorded and evaluated, or contact the person responsible for the processing of personal data designated at the State Chancellery. Responsible person data Manager is Alde Apsītis email address: aldis.apsitis@mk.gov.lv. Data subjects have the right to submit complaints regarding the use of personal data for the State Inspectorate of data (www.dvi.gov.lv) if the subject considers that the processing of his or her personal data violates his or her rights and freedoms in accordance with the applicable laws and regulations.