Published: 05.03.2024.
Translated by machine translator

General Privacy Policy of the Unified Website Platform

The webmaster of the Unified Website Platform highly values your privacy and data protection. We assume that you have read this Privacy Policy which requests your consent to the processing of your personal data before the provision of such personal data and that you agree to the processing of your data.

Public administration is committed to ensuring openness and transparency, therefore this Privacy Policy describes the methods and purposes for the processing of the personal data transferred by you for processing on the Unified Website Platform. Before processing personal data, we evaluate the lawfulness of the data processing activity. We process personal data based on official mandate and legal obligations related thereto.

The Privacy Policy of the Unified Website Platform aims to provide general information on the personal data processing activities organised and performed by the State Chancellery in accordance with the principles of personal data processing provided in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter – GDPR).

The personal data controller of the Unified Website Platform is the State Chancellery. The personal data processors of the Website Platform are the institutions whose websites are placed on the Unified Website Platform, the maintainer of the platform is the State Digital Development Agency (SDDA), the Web host is the Information Centre of the Ministry of the Interior (ICMI), and the technical service provider is the Latvia State Radio and Television Centre (LSRTC).

On the Unified Website Platform, your personal data shall be processed for the achievement of the legal interests of State administration institutions, the fulfilment of obligations specified in legal acts, the fulfilment of contractual obligations, the provision of information to the public, and also other abovementioned purposes.

The legal basis for the processing of personal data within the scope of the services managed on the Unified Website Platform is provided in the following legal acts:

Employees of the parties involved in the operation of the Unified Website Platform will only process personal data for the performance of their official duties or on behalf of or under the instruction of the institutions in compliance with the basic principles of personal data processing and confidentiality requirements set out in the institution’s internal documents.

An employee may not process personal data obtained during the performance of official duties for his or her own or other persons’ personal purposes. When processing personal data within the scope of their official duties, the personal data processors will minimise the risk of personal data coming into possession of unauthorised persons as a result of actions or omissions.

On the Unified Website Platform, your personal data is processed in accordance with the confidentiality requirements and by ensuring the security of the data in held by the Unified Website Platform. The personal data processors of the Unified Website Platform take various security measures to prevent unauthorised access to your data, disclosure of data or other inappropriate use of personal data. Based on the applicable level of security, proper processing and storage of data, and also data integrity is ensured. Proportionate and appropriate physical, technical, and administrative procedures and means to protect the personal data collected and processed on the platform are used accordingly. Security measures are constantly improved in accordance with the applicable security requirements and by complying with the relevant data protection principles, and to the extent necessary for the data processing purposes.

Personal data are protected with means of data encryption, firewall and other data network security breach detection solutions. The personal data processors of the Unified Website Platform ensure the confidentiality of data and take appropriate technical and organisational measures to protect personal data against unauthorised access, unlawful processing, disclosure, accidental loss, distribution or destruction in compliance with appropriate data protection principles and to the extent necessary for the data processing purposes. Personal data protection measures are constantly improved and enhanced to prevent a decrease in the level of personal data protection.

Principles for the protection of personal data apply to:

  • the personal data processed in the information technology infrastructure (servers, local computer networks, and application software);
  • the personal data transmitted in the data transmission network, if any;
  • the information systems used for the provision of work which are administered by the institutions whose websites are placed on the Unified Website Platform;
  • the electronic documents developed, registered and in circulation containing personal data.

You may withdraw your consent (if such has been requested from you and you have given it) to the collection, processing, and use of your personal data at any time. The personal data controller of the Unified Website Platform will assess your claims based on its legal interests. If the personal data are no longer needed for the pre-defined processing purposes, they will be deleted.

The webmaster of the Unified Website Platform is responsible for the personal data processing and processes personal data with means that must prevent the misuse, unauthorised disclosure, and alteration of personal data.

In order to improve the communication of State administration institutions, the personal data controller monitors the received personal data. Such data may be used in an aggregated form to draw up review reports that can be disseminated between the State administration institutions of Latvia. Reports are anonymised and do not contain any personal data.

The Unified Website Platform contains access data of the registered and public users, usernames, information selection parameters, traffic information, and Internet Protocol (IP) access address information. The Unified Website Platform uses cookies to provide information on visitor activity, visited pages, sources, and time spent on the site. This information is collected to improve the ease of use of the website and collect information on the interests of visitors in order to ensure that the best possible service is provided to you. Only the minimum amount of personal data that is necessary to achieve the processing purpose is processed.

Your personal data are stored on the websites only for as long as it is necessary for the purposes for which they were collected. The personal data processors of the Unified Website Platform who have access to such data are trained to handle them properly and in accordance with the regulatory data security framework.

Personal data are stored for as long as there is a legal obligation to store personal data. At the end of the data storage period, the data will be securely deleted or depersonalised so that they can no longer be attributed to the data subject.

The personal data stored on the Unified Website Platform is considered restricted access information and can only be disclosed to third parties in the cases and in accordance with the procedures, and to the extent specified in legal acts or concluded agreements. When transferring personal data to the contractual partners of the Unified Website Platform (independent controllers), additional provisions for the processing of personal data are be included in the agreements.

Websites contain links to other sites which have different terms of use and personal data protection rules.

The cooperation between the institutions involved in the implementation of the Unified Website Platform is governed by the adopted legal acts. If you have any questions or complaints relating to the processing and protection of personal data in the Unified Website Platform, please contact the State Chancellery by sending an e-mail to pasts@mk.gov.lv or the responsible personal data controller of the State Chancellery Aldis Apsītis (e-mail address: aldis.apsitis@mk.gov.lv).

The person responsible for the processing of personal data on the website www.kis.gov.lv is Inta Miklūna-Žukeviča (e-mail address: inta.mikluna-zukevica@kis.gov.lv).

Data subjects have the right to submit complaints regarding the use of personal data to the State Data Inspectorate (www.dvi.gov.lv) if the subject believes that the processing of his or her personal data violates his or her rights and freedoms in accordance with the applicable laws and regulations.

The Unified Website Platform uses cookies and warns the website users and visitors thereof.

The Unified Website Platform uses cookies to fulfil the obligation specified in Paragraph 23 of the Cabinet Regulation No. 399 of 4 July 2017, Procedures for Accounting, Quality Control and Provision of State Administration Services, as well as in Section 10 of the State Administration Structure Law to obtain traffic and usage statistics in order to improve the ease of use of the Unified Website Platform. You are provided with the possibility to read the Cookie Policy and decide whether to give your consent to the collection of statistics, as well as to choose the option to share the content in social media. In the opt-in consent window, you are given the option to opt out of cookies by selecting “Reject”. The exception is the mandatory technical cookie which is enabled by the browser for the duration of the connection session. You can change your cookie preferences in the footer of the website by selecting the link "Changing cookie preferences".

Cookies are small text files which are stored on the memory of your computer or mobile device when visiting a website. During each next visit, the cookies are sent back to the website of origin or to any other website recognising the cookies. The cookies operate as a memory of the particular website, enabling the site to remember your computer or mobile device during next visits, and the cookies can also remember your settings or improve the user experience.

The cookies used can be divided into essential technological cookies without which the provision of the service is technologically impossible or significantly restricted, performance cookies and social media cookies.

By using the website you agree that the performance cookies placed on this website are used for the purpose of improving the quality of services in compliance with the State administration principles specified in Section 10 of the State Administration Structure Law which provide that the State administration must be organised in a way that is easily accessible to an individual and also the fulfilment of the obligation of the State administration to improve the quality of services provided to the public, to simplify and improve procedures for the benefit of natural persons.

When using third-party resources embedded on this website (for example, YouTube, Flickr, etc.), third-party cookies might be placed on your browser.

The website uses the following cookies:

  • Essential cookies:
    • SESS<ID> – this cookie is essential only for content administrators to ensure authentication (ID is replaced by a unique name created for each session).
    • maintenance_message – this cookie is necessary for all users to prevent the content or platform administrator’s notifications from reappearing (those which the content user has read and closed with the "Close" button).
    • allowCookies – this cookie determines whether you have agreed to the terms of use of cookies and whether to display a statement about the use of cookies in the future.
  • Performance cookies. This webpage uses the Google Analytics service made by Google Inc. which uses the cookies stored on your computer to enable analysis of how you use the relevant website. The information generated by the cookies about how you use the website is sent and stored to the Google server. Your IP address, when applying IP anonymisation, is shortened within the territory of the European Union or the European Economic Area. Google uses the information in order to assess how you use the particular website in order to prepare reports for website providers about activities on the relevant websites and to provide other services related to the use of websites and the internet. Google will never link the IP address received here with any other information being at the disposal of Google. In case of need, Google may provide this information to third parties if it is stipulated in laws or if third persons perform the processing of such data on the assignment of Google.
    • _ga, _gat, _gid – these three cookies are necessary for all users to allow traffic data to be passed to the Google Analytics statistics collection tool.

If you do not accept the use of performance cookies, traffic data will not be included in Google Analytics statistics.

  • Social media cookies:
    • _cfduid – this cookie is necessary for all users to share a content item on their social networks.

You may reject the creation, storage, and processing of such statistics by manually disabling the use of the cookie handling mechanism in your browser at any time.

You can change or delete your cookie settings in your browser settings. We have added links to cookie management information resources for the most popular browsers:

More information on how to control cookies according to your device’s browser can be found at: www.aboutcookies.org.

  1. General provisions
  • The purpose of the Culture information systems Centre (Centre) privacy policy is to inform and provide an explanation of how the Centre looks after and protects personal data at its disposal, namely to help understand how and for what purposes the data are processed and to familiarise the data subject with his rights and obligations.
  • The Centre shall ensure the confidentiality of personal data and shall implement appropriate technical and organisational measures for the protection of personal data from unauthorised access, unlawful processing or disclosure, accidental loss, alteration or destruction in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General data Protection Regulation).

 

  1. Identity and contact details of the controller:
  • Manager - Centre for Culture Information Systems Centre Reg. No 90001708717
  • Contact information: Terbatas Street 52-1, Riga, LV-1011, telephone: 67843084, email address: info@kis.gov.lv.

 

  1. Contact details of the data Protection Officer:
  • For communication with the Centre Defence Officer, please write to: dati@kis.gov.lv
  • We inform you that this e-mail address is not intended for requests for information regarding the processing of the personal data of a particular person at the Centre, in which case you must write a self-signed application and appear at the Office with a personal identification document (passport or ID card), or send an electronically signed application to the e-mail info@kis.gov.lv, or use the e-address offered by the www.Latvija.lv for communication with the national regulatory authorities.

 

  1. Categories of personal data:
  • Personal data are collected from both the data subject and external sources, such as the data subject's workplace. Categories of personal data which are mostly but not exclusively collected and processed by the Centre shall be:
  1. identification data - given name, surname, personal identity number, date of birth;
  2. contact information – address, telephone number, e-mail address;
  3. professional data – education, position, place of work;
  4. personal data of the special category - data of the mandatory health inspection of employees;
  5. data obtained and/or generated in the performance of the duties laid down in laws and regulations;
  6. data obtained from taking photographs, video recordings or audio recordings at event venues.

 

  1. Purposes and legal basis for the processing of personal data:
  • As a direct administration institution, the Centre shall process personal data in order to fulfil the functions, tasks and rights of the Centre specified in regulatory enactments.
  • The Centre shall process personal data for the following purposes:
  1. personnel management purposes, including personnel selection;
  2. for document management purposes;
  3. the performance of the duties specified in regulatory enactments;
  4. the operation and administration of information and communication systems;
  5. maintaining and improving the operation of websites;
  6. the establishment and performance of contractual relations;
  7. the protection of legitimate interests;
  8. organisation of events.
  • Legal bases for processing personal data at the Centre:
  1. performance of duties, functions and tasks specified in regulatory enactments;
  2. the performance of contracts or the taking of measures at the request of the data subject prior to the conclusion of the contract for the conclusion and performance of the contract;
  3. the consent of the data subject;
  4. Protection of the legal interests of the Centre.

 

  1. Recipients of personal data or categories of recipients
  • The recipients of personal data shall be the Centre and its authorised persons (employees and providers of external service), State and local government institutions, data subject regarding himself or herself, institutions involved in the supervision of European Union funds for the performance of the duties specified in regulatory enactments, law enforcement or supervisory authorities, courts in the cases specified in regulatory enactments.
  • Personal data shall not be transferred to recipients who are not subjects of the European Union or of the European Economic area.

 

  1. Shelf life
  • Personal data shall be processed for as long as is necessary for the purpose of processing personal data.
  • The period of retention of personal data shall be based on the applicable laws and regulations, agreements concluded by the Centre, the legitimate interests of the Centre, the consent of the data subject to the relevant processing of personal data.
  • At the end of the processing of personal data for purposes, personal data shall be erased if there are no other legally justified purposes for the processing of personal data.
  • All information obtained during the recruitment contest will be kept, in whole or in part, for a maximum of two years for applicants in order to ensure the Centre's legitimate interest in contacting potential applicants or in maintaining evidence in the event of dispute resolution. In the event that the Centre receives complaints about a particular recruitment process, all information processed during the recruitment process will be retained for as long as necessary for that process.

 

  1. Principles for data processing
  • The Centre shall process the received personal data in good faith, lawfully (within the framework specified by regulatory enactments) and ensure access thereto only to the relevant data subjects, data processors, as well as third parties provided for in regulatory enactments.
  • The security and management of processing processes shall be organised in accordance with the security requirements of State information and communication technologies specified in regulatory enactments, technological and management security shall be regularly inspected and controlled within the framework of external audits (including intrusion audits).

 

  1. Rights of the data subject
  • The data subject shall have the right to:
  1. access their personal data and request the rectification of their personal data if they are inappropriate, incomplete or incorrect;
  2. receive their personal data when processed, in written form or in one of the most commonly used electronic formats;
  3. require the transfer of personal data to another service provider (data portability) where possible;
  4. restrict the use of their personal data in accordance with applicable laws and regulations;
  5. to submit complaints regarding the use of personal data by the supervisory authority - the State Inspectorate of data (www.dvi.gov.lv), if the data subject considers that the processing of personal data violates his or her rights and interests in accordance with the applicable laws and regulations.

 

  1. Cookie policy
  • The www.kis.gov.lv cookie policy of the Centre's website is defined in the privacy policy of the Common Platform for websites.
  • In the case of questions concerning the use of cookies, please e-mail to the dati@kis.gov.lv.