Data State Inspectorate, Latvia
- Legal grounds for the protection of personal data in the national legislation
- The status and the legal position of national DPA
- The legal rights and the limitations of the national DPA
- Contact information
1) Legal grounds for the protection of personal data in the national legislation
Personal data protection in national legislation derives from Latvian Constitution (Satversme) where Article 96 establishes the framework for protection of privacy in Latvia. Personal Data Processing Law entered in force on 5 July 2018 must also be mentioned, this legal act elaborates on aspects of the Data Regulation (GDPR) where a national decision was optional.
2) The status and the legal position of national DPA:
The Data State Inspectorate is an institution of direct administration under the supervision of the Cabinet which is a data supervisory authority within the meaning of the Data Regulation and carries out the tasks in the area of data processing specified in the Data Regulation and Personal Data Processing Law. The Inspectorate is independent on the operation thereof.
The Cabinet shall implement institutional supervision through the Minister for Justice. Supervision shall not refer to the implementation of tasks and rights specified for the Inspectorate, as well as internal organizational issues of the Inspectorate, including issue of internal regulations, preparation of a statement, and decisions which refer to the staff working in the Inspectorate (for example, decisions to appoint and remove the staff from the office, transfer the staff and coordinate the transfer thereof, send the staff on official travel, initiate, examine disciplinary matters, and apply disciplinary sanctions).
3) The legal rights and the limitations of the national DPA:
Rights of the Inspectorate are defined in Article 5 of the Personal data processing law:
The Inspectorate has the rights specified in Article 58 of GDPR, as well as the following rights:
- to conduct inspection of data processing (hereinafter - the inspection) in order to determine conformity of the data processing to the requirements of laws and regulations;
- to draw up administrative violation reports, examine administrative violation matters and impose administrative sanctions for violations over the examination of which it has jurisdiction;
- to request and receive, according to its competence, to the specified extent and in the form free of charge from private persons, State administration institutions and officials the information, documents or copies thereof and other materials necessary for the inspection, including information of limited accessibility;
- to visit State administration institutions and production facilities, warehouses, commercial and other non-residential premises owned, possessed or used by legal and natural persons in the territory of Latvia in order to verify conformity of the operation of the controller to the requirements of laws and regulations within the scope of its competence;
- to become acquainted freely, according to its competence, with all types of information available in registers, information systems and databases and access it (irrespective of owner of the information) in order to obtain the information necessary for the inspection;
- to request and receive, according to its competence, the information, documents and other materials regarding services provided to persons which are necessary for the inspection;
- to request and receive an opinion of an independent and objective expert within the scope of the inspection;
- to provide answers in the English language when examining complaints of non-residents in cooperation with other supervisory authorities;
- to bring an action before court for violations of this Law or the Data Regulation.
4) contact information:
Data State Inspectorate of the Republic of Latvia
11/13-15 Blaumana iela
LV – 1011