In order to ensure the performance of the mandate specified in the State Audit Office Law, the State Audit Office processes the data of individuals obtained during audits, concluding agreements, preparing answers to received applications, as well as data of the officials/employees of the institution for human resources management and accounting purposes.
The State Audit Office, as the data handler, processes personal data in accordance with the General Data Protection Regulation No 2016/679 (hereinafter referred to as the Regulation), the Personal Data Processing Law, the State Audit Office Law, and other laws and regulations in force in Latvia.
The State Audit Office has implemented the required technical and organisational measures to guarantee the protection of personal data. A personal data protection specialist participates in ensuring the compliance of the personal data processing of the State Audit Office.
Purposes, legal grounds, and principles of personal data processing
The State Audit Office performs the functions and tasks delegated by the State, specified in the State Audit Office Law, and processes a large amount of various personal data consequently.
The State Audit Office processes personal data for the following purposes mainly:
- fulfilment of legal obligations specified in laws and regulations:
- establishing a contractual relationship and maintaining it with the data subject;
- implementing tasks in the public interest when exercising the powers granted to the State Audit Office;
- human resources management;
- public authorities and municipal authorities may receive personal data from the State Audit Office in accordance with the procedures specified in the laws and regulations, for example, the State Revenue Service, the State Labour Inspectorate, employees of the State Audit Office, etc.
We do hereby notify that the State Audit Office does not transfer information to third parties without a legal basis, as well as it registers individuals who have obtained this information according to the statutory procedures.
The State Audit Office shall store personal data in accordance with the purposes for personal data processing defined and legal grounds for personal data processing as long as at least one of the following criteria exists:
- there is a legal obligation to store the data;
- exercising one’s legitimate interests is necessary;
- meeting the assumed contractual obligations is required;
- there is a valid consent of the data subject to the relevant processing of personal data.