/ Basic info / Legal instruments / Annual Reports / Forum / News / Internet & Privacy / Contacts / Links
Data Protection in the Republic of Estonia

  1. The Legal Grounds for the Protection
  2. Contacts
Data Protection in the Republic of Estonia
Legal Grounds for the Data Protection.

The legal grounds for the data protection are set in the Constitution of the Republic of Estonia (adopted on 28 June 1992), the Personal Data Protection Act (entered into force on 1 October 2003.), the Public Information Act (entered into force on 1 January 2001), the Electronic Communications Act (entered into force1 January 2005) as well as in the international agreements. For the full text of the Personal Data Protection Act and for other legal acts concerning data protection in Estonia http://www.aki.ee/eng/?part=html&id=105.

Constitution of the Republic of Estonia

Article 26
Everyone has the right to the inviolability of private and family life. State agencies, local governments, and their officials shall not interfere with the private or family life of any person, except in the cases and pursuant to procedure provided by law to protect health, morals, public order, or the rights and freedoms of others, to combat a criminal offence, or to apprehend a criminal offender.

1. Personal Data Protection Act
The new Personal Data Protection Act entered into force on 1 January 2011.

The purpose of this Act is the protection of the fundamental rights and freedoms of natural persons in accordance with public interests with regard to processing of personal data.

The protection of personal data is ensured by virtue of the fact that chief processors and authorized processors may process personal data only for purposes and under conditions which are specified in the Personal Data Protection Act. Also, the chief processor must register the processing of sensitive personal data with the Data Protection Inspectorate.
The Act divides personal data into two groups - sensitive personal data and other.
Sensitive data are personal data which reveal political opinions or religious or philosophical beliefs (except data relating to being a member of legal person in private law registered pursuant to the procedure provided by law), ethnic or racial origin, state of health or disability, genetic information, sexual life, membership in trade unions and information collected in criminal proceedings or in other proceedings to ascertain an offence before a public court session or before a judgment is made in a matter concerning an offence, or if this is necessary in order to protect public morality or the family and private life of persons, or where the interests of a minor, a victim, a witness or justice so require. Sensitive personal data may be processed only with the consent of the respective person, unless the Act provides otherwise.
Full text: Personal Data Protection Act

Public Information Act.

The purpose of this Act, according to article 1, is to ensure that the public and every person has the opportunity to access information intended for public use, based on the principles of a democratic and social rule of law and an open society, and to create opportunities for the public to monitor the performance of public duties. The Public Information Act guarantees citizens' constitutional right for information; regulates what information on the administrative apparatus and its activities is offered to the public; asserts that all information is accessible also through the Internet.

Full text: Public Information Act

Databases Act.

The purpose of this Act is to create the necessary conditions for the development of electronic communications to promote the development of electronic communications networks and electronic communications services without giving preference to specific technologies and to ensure the protection of the interests of users of electronic communications services by promoting free competition and the purposeful and just planning, allocation and use of radio frequencies and numbering. The Act provides requirements for the public electronic communications networks and publicly available electronic communications services, for the use of electronic contact details for direct marketing, for the conduct of radio-communication, for the management of radio frequencies and numbering and for apparatuses as well as state supervision over the compliance with these requirements and liability for the violation of these requirements.

Full text: Electronic Communications Act

2. Contacts.

Data Protection Inspectorate

Všike-Ameerika 19,
10129 Tallinn

Phone: +372 627 41 35
Fax: +372 627 41 37
e-mail: mailto:info@aki.ee; international@aki.ee
web sites: www.aki.ee

  The administrator of this web site is:
Inspector General for the Protection of Personal Data
ul. Stawki 2; PL-00-193 Warszawa
Phone: +48 22 8607081, Fax: +48 22 8607090