Data processing at the Corruption Prevention and Combating Bureau
Controller
The Corruption Prevention and Combating Bureau (Citadeles iela 1, Rīga, LV-1010, e-mail address: knab@knab.gov.lv).
Purpose and legal grounds for data processing
The Corruption Prevention and Combating Bureau processes personal data in order to perform its functions established by the Law on Corruption Prevention and Combating Bureau, and to enable these functions in accordance with the laws and regulations regulating the activities of the institution, or does so on the basis of the data subject’s consent.
Right of the data subject to submit a complaint
The Corruption Prevention and Combating Bureau ensures compliance with the data processing and protection requirements of the applicable laws and regulations. In the case of an objection, the person has the right to submit a data processing request to the data protection officer of the Corruption Prevention and Combating Bureau, in order to resolve any issues. If a particular issue is not resolved by the Corruption Prevention and Combating Bureau, the person may lodge a complaint with the authority in charge of supervising data processing: the Data State Inspectorate (Elijas iela 17, Riga, LV-1050, Latvia, e-mail address: info@dvi.gov.lv).
Additional Information about data processing
The Corruption Prevention and Combating Bureau does not disclose personal data to third parties, except in cases provided for in laws and external regulations (for example, to other national and local government institutions or law enforcement authorities), or if the data subject’s consent has been obtained (for example, for conducting seminars, conferences, etc.).
In certain cases, in accordance with applicable laws and regulations, the Corruption Prevention and Combating Bureau may transfer personal data to a third country (i.e. a country outside the European Union and the European Economic Area) or to international organisations. In such cases, the Corruption Prevention and Combating Bureau ensures, within the scope of its competence, compliance with the procedures laid down in the laws and regulations governing the transfer of personal data, ensuring an equivalent level of protection, taking into account the European Commission’s decision on the determination of the level of data protection in a third country.
Personal data are stored until the purpose of the processing of the data is achieved or until the storage period specified in laws and regulations expires. Personal data that are not necessary for the achievement of a specific purpose, or that need not be stored for a certain period as required by law, are deleted.
The data subject may request access to and rectification or erasure of the data subject’s personal data, or restriction of the processing of the personal data of the data subject, or to object to the processing of the data, and the data subject has the right to data portability in accordance with the procedure established by laws and regulations.
Whenever processing is based on the data subject’s consent, the data subject may withdraw their consent at any time. In such a case, the legality of the processing based on the consent that took place before the withdrawal is not affected.
Additional Information about the processing of personal data of minors
In order to enable young people to participate in events organised by the Corruption Prevention and Combating Bureau (shadow days, various competitions, etc.), the personal data of a minor under the age of 17 (inclusive) are transferred to the Corruption Prevention and Combating Bureau by the legal representative (parent or guardian) of the minor when registering for the event in question.
The names of the participants, and any photo and video materials may be published on the website and social media accounts of the Corruption Prevention and Combating Bureau to provide coverage for the event, thus enaging in the public information function.
The direct provision of information society services by the Corruption Prevention and Combating Bureau (e.g. through the bureau’s mobile app) requires the data subject’s consent. The consent of a child is considered a basis for processing and the processing of the child’s data is lawful if the child is at least 13 years old or, in cases where the child is under 13 years old, consent has been given by their parent or legal guardian.
The Corruption Prevention and Combating Bureau uses reasonable and proportionate means, to ensure that in such cases it is verified that the consent has been given or approved by the person having parental responsibility over the child, taking into account the technology available.
Additional Information about data processing for law enforcement purposes
If necessary for the protection of a data subject’s rights or legitimate interests, the data subject may submit a reasoned request to the Corruption Prevention and Combating Bureau asking for information about the legal grounds for the processing of their personal data, the storage period of the personal data, or the criteria used to determine this period, as well as information about the categories of recipients of the personal data, including those in third countries or those that are international organisations.
The data subject may also request access to and rectification or erasure of their personal data, and request that the processing of personal data relating to the data subject be restricted.
This right does not apply if the law governing the type of processing of personal data in question provides for the processing of personal data without informing the data subject, or if, in the case of personal data included in a court decision or in a court register, or in case files processed as part of criminal proceedings, administrative offence proceedings, or execution of a sentence, the law provides for a different procedure for informing the data subject.
A restriction to provide information about data processing is put in place:
- to prevent obstructions to official or legal inspections, investigations or proceedings;
- to prevent obstructions to the prevention, detection, investigation, or prosecution of criminal offences and administrative offences, or enforcement of criminal or administrative punishments;
- to protect public safety;
- to protect national security;
- to protect the rights and freedoms of other parties.
The Corruption Prevention and Combating Bureau is entitled to withhold information or restrict access to personal data where not doing so could jeopardise the law-enforcement functions of the bureau, or in one of the above cases applies, restricting the provision of information about the processing of data.
Information about conducting operational activities is provided in accordance with the Operational Activities Law. In accordance with laws and regulations, the information to be provided must not include references to government institutions that conduct criminal proceedings, or to bodies performing operational activities, or to other institutions that are legallly prohibited from being disclosed information about.
The bureau may refuse to comply with a request if it is not commensurate with the resources at its disposal, i.e. if the request or its conditions jeopardise the activities of the Corruption Prevention and Combating Bureau or the rights of other parties.
A request may also be left without review in the cases provided for in the Law on Submissions.
Requesting information about data processing
Information about data processing may be requested by submitting an application to the Corruption Prevention and Combating Bureau in person, or by sending it by post to Citadeles iela 1, Riga, LV-1010. An application signed with a secure electronic signature may be submitted to the e-mail address of the bureau, at pasts@knab.gov.lv.
Information about the use of cookies
The website of the Corruption Prevention and Combating Bureau, www.knab.gov.lv, and its training information system, https://apmacibas.knab.gov.lv/, use cookies to improve their useability and the quality of their content, and to adapt to the needs of their users. For more information, see https://www.aboutcookies.org/.
Cookies are small text files that a website saves on your computer or mobile device when you visit a website. During each subsequent visit to the website, cookies are sent back to that website or a third-party website that recognises that cookie.
Cookies also make it possible for the website to remember the settings you have chosen so that you do not have to specify them again each time you visit. Cookies are not used to identify individuals.