Privacy Policy 

1. Personal data processing controller

The personal data processing controller is the State Education Development Agency (hereinafter referred to as SEDA) as EURAXESS Bridgehead organisation.

2. General provisions

   2.1. The purpose of the privacy policy is to provide a natural person which is a data subject, information about the purposes and legal basis of processing of personal data, in what cases the data are disclosed, on data storage periods and the protection of data.

   2.2. When processing personal data, SEDA shall fully comply with applicable regulations, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the Regulation).

   2.3. SEDA shall ensure confidentiality of personal data and has implemented relevant technical and organisational measures for the protection of personal data from unauthorised access, illegal processing or disclosure, accidental loss, change or destruction.

3. Categories of personal data

   3.1. SEDA shall process personal data of data subjects only in the minimum necessary amount.

The categories of personal data that are collected and processed by SEDA mainly include, but are not limited to:

      3.1.1. identification data – for example, name, surname, photo;

      3.1.2. contact information – for example, address, telephone number, e-mail;

      3.1.3. professional data and data about education and skills – for example, job position, duration of education, education institution, obtained degree, obtained professional qualification, language skills data;

      3.1.4. social data – for example, data about sex, age group, nationality;

      3.1.5. data related to participation in events – for example, data on participation in seminars, activities, photo and video materials, experience stories.

      3.1.6. data about visiting the SEDA website, for example, data flows and any other communication information, technical information, including cookies (see Cookie Policy)

      3.1.7. data about satisfaction, for example, answers to questions in surveys.

4. Purposes and legal basis of processing of personal data

Personal data processing purposes

SEDA, when fulfilling functions defined in Regulations of the Cabinet of Ministers No.934 of 18 December 2012 “By-Laws of the State Education Development Agency”, shall process personal data for the following purposes:

  1. conclusion and fulfilment of contracts with cooperation partners;
  2. conclusion and fulfilment of contracts with data subjects (project experts and other);
  3. registration of participants for activities, justification of costs of activities within projects;
  4. verification of compliance of target groups of projects;
  5. preparation and submission of payment requests and justifying documents;
  6. summarising of information.

SEDA shall process personal data for the following purposes:

  1. ensuring circulation of documents at SEDA;
  2. protection of legal interests of SEDA and implementation of claim rights;
  3. analysis of functioning of SEDA websites, development and introduction of improvements;
  4. sending of EURAXESS Latvia website news;
  5. identification of EURAXESS Latvia target group, informing about news, organisation of customer satisfaction surveys;
  6. planning and analytics of remarketing, as well as communication programmes;
  7. Publicity (in mass media, social networks and on websites, in the internet environment, etc.).

Legal basis of processing of personal data

SEDA shall ensure that processing of personal data always has a legal basis. Such a legal basis can be:

  1. activities before the conclusion of a contract with the data subject (for example, collection of necessary data);
  2. conclusion and fulfilment of a contract with the data subject (inclusion of data in the contract, correspondence between the parties, contract fulfilment documents);
  3. fulfilment of the legal duty of SEDA (fulfilment of duties defined in the regulatory enactments, for example, verification of compliance of target groups of projects; fulfilment of the accounting function of SEDA, performance of information and publicity measures, information of the society);
  4. legitimate interests of the society (staff selection, surveys, improvement of the quality of services, protection of own legal interests);
  5. consent of the data subject, which can be requested in several cases.

5. Recipients of personal data

   5.1. SEDA may transfer personal data to processors according to the personal data processing contract, as well as to other recipients, if they have a legal basis.

   5.2. When transferring personal data to processors, SEDA shall take necessary measures to ensure that such personal data processors process personal data in accordance with SEDA instructions and according to applicable regulatory enactments, incl. the Regulation, and shall request performance of relevant security measures.

6. Geographic territory of processing of personal data

   6.1. Personal data are processed in the European Union/European Economic Area (EU/EEA).

7. Storage period

   7.1. SEDA shall process and store personal data as long as necessary for the data processing purpose. The storage period may be defined in regulatory enactments on the implementation of projects, regulatory enactments regulating accounting, in the laws which set out claim limitation periods, etc.). Since purposes of processing may differ different personal data, as well as the actual period of preservation may differ.

8. Rights of the data subject

Data subjects have the following rights to the processing of their personal data, which may be implemented by contacting SEDA:

  1. to receive confirmation as to whether or not personal data concerning the data subject are being processed, and, where that is the case, to access to the personal data;
  2. to access the personal data and to receive information on their processing;
  3. to request rectification of personal data, if they are inappropriate, incomplete or incorrect;
  4. to request erasure of their personal data;
  5. to object processing of their personal data, if the use of personal data is based on legitimate interests of SEDA;
  6. to request processing of their personal data;
  7. to receive personal data provided by the data subject in writing or in any of the more frequently used electronic formats and, when possible, to transfer the following data to other service provider (data portability).

The data subject shall be entitled to submit a complaint against the processing of personal data in the Data State Inspectorate (www.dvi.gov.lv), if he or she believes that the processing of the personal data is in violation of the rights and interests defined in regulatory enactments.

9. Communication on matters of processing of personal data

If you have questions or claims regarding processing of personal data and protection at SEDA, report to SEDA by e-mail: info@viaa.gov.lv or send information to a SEDA data protection officer to e-mail: das@viaa.gov.lv, which will evaluate the information and/or request submit by you and will provide a reply.

SEDA shall be entitled to make amendments or supplements in this privacy policy, publishing the updated version at EURAXESS Latvia website in section "Privacy Policy".