End User Agreement
The purpose of the Privacy Notice is to provide a data subject with general information on the processing of personal data by Rezekne Academy of Technologies (hereinafter referred to as "RTA"), including the purposes and legal bases for processing personal data, the scope of data processing, data protection, data retention periods, data subject rights regarding their personal data, as well as other information in accordance with the requirements of regulatory enactments in the field of personal data processing and protection.
Contact information for the Data Protection Officer and Specialist in Data Protection
Controller of personal data processing: Rezekne Academy of Technologies, 115 Atbrivosanas aleja, Rezekne, LV-4601, tel. +37128325368, rta@rta.lv
Contact information of data protection specialist: roberts.glaudins@rta.lv
General rules
RTA, when processing personal data, applies the European Parliament and Council Regulation (EU) 2016/679 (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as GDPR), the Law on the Processing of Personal Data of Natural Persons (hereinafter referred to as FPDAL), as well as other applicable legal acts that are binding on RTA. Personal data is collected both from the data subject and from external information systems, registers, and other information sources in accordance with the procedures established by the law. Personal data processing is carried out only by those RTA employees whose job duties include such activities in accordance with legal acts, employment contracts, job descriptions, and instructions, while complying with the requirements of legal acts in the field of data processing and protection, as well as other RTA binding legal requirements. RTA processes personal data in accordance with the principles of personal data processing set out in Article 5 of GDPR:
- ensures the accuracy of the data and updates them as necessary, as well as deleting (destroying) or correcting inaccurate data;
- ensures precise and, if necessary, updated processing of personal data by deleting (destroying) or correcting inaccurate data;
- observes data storage limitations by deleting (destroying) data that is no longer needed for the intended purpose;
- ensures appropriate security and confidentiality of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, by implementing appropriate technical and organizational measures.
Legality of Personal Data Processing
RTA observes the legality of personal data processing, processing data only when there is an appropriate legal basis for the processing. The main legal basis for data processing by RTA is the execution of RTA functions and tasks or the fulfillment of legal obligations applicable to RTA. Other legal bases for the data processed by RTA may include:
- establishment and maintenance of contractual obligations with the data subject;
- public interest or legitimate authority granted to RTA;
- protection of vital interests of the data subject or other natural persons;
- consent of the data subject.
The Purposes of Personal Data Processing
RTA carries out data processing in accordance with the defined purposes of personal data processing and only in accordance with them. When performing the functions and tasks defined for it in the Law on Higher Education and other relevant regulatory enactments, RTA processes the following personal data:
- employee personal data;
- student personal data;
- video surveillance, video and photo information;
- data of other persons involved in project implementation or entering into contractual relations.
Transfer of personal data to third parties
RTA does not disclose data subject's personal data to third parties, except in the following cases:
- data transfer is necessary to submit information to supervisory or law enforcement institutions or to fulfill other legal obligations applicable to RTA;
- data transfer is provided for in a contract or agreement and occurs to the extent necessary to perform functions prescribed by legal acts;
- the recipient of the data has legitimate rights to request and receive information for the performance of functions prescribed by legal acts;
- dexternal legal acts provide for the exchange of data included in the state information system with other state information systems using online transmission for the performance of functions prescribed by legal acts;
- data transfer is necessary to protect RTA's legitimate interests in accordance with external legal acts;
- data transfer is based on the requirements of the State Security Institutions Law;
- data transfer is based on the clear and unambiguous written consent of the data subject.
Transfer of data to a third country. Personal data may be transferred and processed in countries outside the EU/EEA (third countries) if there is a legal basis for it (for example, to fulfill international contractual obligations or based on the data subject's consent).
Data Subject Rights
An individual has the right to request information about their personal data from the RTA (State Revenue Service) including:
- whether the RTA processes their personal data;
- the purposes and legal basis for the processing of their data;
- a copy of their data.
The individual can also request to correct their personal data if it is inaccurate or incomplete, or to have their existing data irreversibly deleted if it has been processed unlawfully or is no longer necessary for the purpose for which it was processed, or if they withdraw their consent to the processing of their data. To exercise these rights, the individual must submit a written request to the RTA, based on which they will receive a response in accordance with the procedure established by law.
Protection of personal data
The RTA ensures the processing of personal data in accordance with the security requirements established in regulatory enactments, using proportional and appropriate physical, technical and administrative procedures and means for the protection of personal data.
Other questions
Geographical territory of personal data processing: Personal data is processed in the Republic of Latvia, European Union / European Economic Area (EU / EEA).
RTA performs partially automated decision-making. During the admission process, where the system enters the evaluations of centralized exams and entrance exams specified in the admission rules, as well as the number of budget and paid places specified by the rector's order.
Storage period of personal data. Personal data is stored in accordance with the RTA case nomenclature. Personal data may have different storage periods, depending on the document containing the personal data and stored in accordance with the time period specified in the case nomenclature.
Processing of personal data in emergency situations. In emergency situations, RTA is entitled to carry out additional processing of personal data based on the Cabinet of Ministers regulations issued on the basis of the Law "On Emergency Situations and Exceptional Situation". This includes the right of RTA to transfer the received data to other institutions if the transfer of data is legally justified and necessary for the recipient to perform the tasks specified in the orders.
RTA Institucional Repository uses cookies with the consent of the person.
Current date of the notification: 03.09.2021