Criminal Records Database Act

Link to law: https://www.riigiteataja.ee/en/eli/ee/Riigikogu/act/503092015005/consolide
Published: 2015-09-01

Criminal Records Database Act

Passed 17.02.2011
RT I, 21.03.2011, 3
Entry into force 01.01.2012
Amended by the following legal instruments (show)

Passed
Published
Entry into force

08.12.2011
RT I, 29.12.2011, 1
01.01.2012

30.05.2012
RT I, 15.06.2012, 2
01.06.2013

13.06.2012
RT I, 06.07.2012, 1
01.04.2013, partially 16.07.2012

28.02.2013
RT I, 20.03.2013, 1
01.04.2013

14.03.2013
RT I, 26.03.2013, 2
01.04.2013

13.06.2013
RT I, 27.06.2013, 2
15.07.2013, partially 28.06.2013 and 01.10.2013

21.11.2013
RT I, 13.12.2013, 5
23.12.2013

29.01.2014
RT I, 18.02.2014, 1
01.08.2014

19.02.2014
RT I, 13.03.2014, 4
01.07.2014

11.06.2014
RT I, 21.06.2014, 8
01.01.2015

19.06.2014
RT I, 29.06.2014, 109
01.07.2014, the titles of ministers substituted on the basis of subsection 107³ (4) of the Government of the Republic Act.

19.11.2014
RT I, 04.12.2014, 3
01.01.2015

19.11.2014
RT I, 05.12.2014, 1
01.01.2015

11.06.2015
RT I, 30.06.2015, 4
01.09.2015, on the basis of subsection 107^4 (2) of the Government of the Republic Act the words 'Ministry of Agriculture' have been replaced with the words 'Ministry of Rural Affairs' in the appropriate case form.

Chapter 1 General Provisions  

§ 1.  Criminal records database

The criminal records database (hereinafter database) is a database belonging to the state information system which holds information concerning punished persons and their punishments.

§ 2.  Maintenance of criminal records database

(1) The database is maintained as an electronic database belonging to the e-file proceedings information system (hereinafter e-file system).
(2) The archives of the database (hereinafter archives) are maintained with the database.
(3) The forms for submitting information to the database and procedure for issue of notices from the database shall be established by a regulation of the minister responsible for the area.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(4) The statutes of the database shall be established by a regulation of the Government of the Republic.
(5) The provisions of the Administrative Procedure Act apply to administrative proceedings prescribed in this Act, taking account of the specifications provided for in this Act.

§ 3.  Purpose of maintenance of database

The purpose of maintenance of the database is to:
1) provide reliable information concerning punishments of persons;
2) notify a person of the information concerning the person entered in the database;
3) exchange information concerning punishments of persons with foreign states.

§ 4.  Chief processor and authorised processor of database

The chief processor of the database is the Ministry of Justice and the authorised processor of the database is the Centre of Registers and Information Systems (hereinafter Centre).

§ 5.  Legal effect of information in database

(1) The information concerning punishments of persons entered in the database has legal effect for ascertaining the punishment record of the person and recurrence of criminal offences or misdemeanours committed by the person until deletion of the information.
(2) Information deleted from the database and entered in the archives has legal effect:
1) in the proceedings provided for in the Acts specified in clause 20 (1) 4) of this Act and for verifying the circumstances specified in clause 20 (1) 5) of this Act for ascertaining the punishment record of the person and recurrence of criminal offences committed by the person;
2) in the case specified in clause 20 (1) 9) of this Act upon making a decision on employment of a person in a position or service involving minors in the cases provided by law;
3) in the case specified in clause 20 (1) 10) of this Act upon making a decision on employment of a person in police service and appointment of a person to office of an official of the Police and Border Guard Board and entry into an employment contract with the employee, if such position is not a position of a police officer but performance of the duties in that position requires access to the database which chief processor is the Ministry of Internal Affairs or the Police and Border Guard Board, the information specified in clauses 35 (1) 51) and 52) of the Public Information Act or sensitive personal data of the officials and employees of the Police and Border Guard Board.
[RT I, 26.03.2013, 2 - entry into force 01.04.2013]
31) in the cases specified in clause 20 (1) 10) of this Act upon making a decision on employment of a person in the rescue service in the position of an official of the rescue service whose duties include work with the database which chief processor is the Ministry of Internal Affairs or the Police and Border Guard Board, or explosives removal or where the person has access to sensitive personal data of rescue servants.
[RT I, 29.12.2011, 1 - entry into force 01.01.2012]
4) in the case specified in clause 20 (1) 10) of this Act upon making a decision on employment of a person in prosecutors' service and verification of whether the person in prosecutors' service complies with the requirements of the law;
5) in the case specified in clause 20 (1) 10) of this Act upon employment of a person in prison service or in prison, and upon verification of compliance of a person beginning to study in the area of specialisation of a prison officer or a person in prison service, working at a prison or studying in the area of specialisation of a prison officer, with the requirements of the law;
51) in the cases specified in clause 20 (1) 10) of this Act upon employment of a person in the service of an administrative agency specified in the Public Service Act upon verification of compliance with the requirements specified in clause § 15 2) of the Public Service Act;
[RT I, 06.07.2012, 1 - entry into force 01.04.2013]
52) in the case specified in clause 20 (1) 10) of this Act, upon hiring persons to employment or service in the Defence Forces or upon evaluation of the eligibility of persons in active service, officials or employees for the Defence Forces or upon checking the conformity with the requirements specified in clauses 413 (1) 6), 8) and 9) of the Estonian Defence Forces Organisation Act in deciding on the grant of authorisation to persons relating to the provision of service to the Defence Forces for entry into restricted military areas of the Defence Forces;
[RT I, 18.02.2014, 1 - entry into force 01.08.2014]
6) upon conducting the proceedings provided for in the Acts specified in clause 20 (1) 11) of this Act.

§ 6.  Content of database

Information concerning punishments of persons shall be entered in the database on the basis of the following court decisions and decisions of the following officials:
1) a conviction in a criminal matter which has entered into force;
2) a decision of an extra-judicial body or a court judgment on the imposition of punishment in a misdemeanour matter which has entered into force, except a decision of an extra-judicial body in caution procedure;
3) a court ruling ordering coercive psychiatric treatment of a person;
4) a court ruling on the application of a sanction with regard to a person younger than eighteen years of age;
5) a judgment, decision, ruling or order of a court or extra-judicial body which is based on a decision or judgment specified in clauses 1) to 4) of this section and which contains information specified in § 12 of this Act;
6) a resolution of the President of the Republic on the review of an appeal for pardon of a convicted offender;
7) a foreign conviction in a criminal matter against an Estonian citizen or an alien who holds a residence permit or right of residence in Estonia which has entered into force, if information concerning his or her punishment has been communicated by a foreign state or if an Estonian court has recognised the judgement of conviction.

§ 7.  Accessibility of database data

(1) The data entered in the database are public, except in the cases provided by law.
(2) The database data are processed only under the conditions and pursuant to the procedure provided by law.

§ 8.  Language of database

(1) The language of the database is Estonian.
(2) Documents which are not in Estonian shall be submitted to the authorised processor of the database together with a translation into Estonian.
(3) In the cases provided for in the European Union legislation, information may be also submitted to the database in another language.

Chapter 2 Maintenance of Criminal Records Database  

§ 9.  Structure of database

The database shall consist of valid and archived data specified in § 12 of this Act.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]

§ 10.  Database log

[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(1) The registry log contains data concerning the entries and queries made to the database.
(2) The following data shall be entered in the database log:
1) the code of the agency submitting an entry or query;
2) the name of the agency submitting an entry or query;
3) the name and personal identification code of the person submitting an entry or query, in the absence of a personal identification code, the date of birth;
4) the date of making an entry or query;
5) the explanations or notes concerning an entry or query;
6) a notation concerning the annulment of an entry or query;
7) the name of the representative of the authorised processor of the database which verified an entry or query.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]

§ 11.  Registry card

[Repealed - RT I, 27.06.2013, 2 - entry into force 15.07.2013]

§ 12.  Data subject to entry in criminal records database

[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(1) Personal data of a natural person are the following:
1) given name and surname;
2) personal identification code or date of birth;
3) sex;
4) citizenship;
5) residential address;
6) place of birth;
7) former name and personal identification code of the person;
8) name of the person's parent, if submitted to the database by a foreign state.
(2) If any personal data have changed, new personal data and the date of making the change shall be indicated in the database.
(3) In the case of a foreigner or a person without a personal identification code, the following shall be entered in the database:
1) his or her date and place of birth;
2) the name and number of his or her identity document.
(4) Information concerning the punishments of a natural person is the following:
1) the name of the court which made a judgment, decision or ruling in the criminal or misdemeanour matter, the name of the extra-judicial body which made a decision in the misdemeanour matter, the date of making the judgment, decision or ruling and the number of the criminal or misdemeanour matter;
11) the date of commission of an offence;
2) the provision of the Penal Code or another Act which provides for the offence of the commission of which the person was convicted;
3) the type and term or category of the punishment imposed on the person for the criminal offence or misdemeanour;
4) the date on which the judgment, decision or ruling enters into force;
5) the time the person spent in provisional custody before the making of the court judgment;
6) substitution, aggregating of punishments, or basis for and date of waiver of enforcement of a punishment;
7) the date of payment of the amount of pecuniary punishment or a fine;
8) the date on which community service is performed;
9) the date of the end of an imprisonment or detention;
10) the basis for imposition and the date of the end of the probationary period;
11) the basis for and the date of release from punishment on parole and the unserved part of the punishment;
12) the date of initiation and termination of administration of coercive psychiatric treatment to a person;
13) the date of initiation and termination of administration of addiction treatment of drug addicts or complex treatment of sex offenders to a person;
14) the date initiation and termination of application of a sanction to a person younger than eighteen years of age;
15) the date of entry into force of a resolution of the President of the Republic granting a pardon to the person.
(5) The data concerning a legal person is the following:
1) name;
2) the address of its registered office;
3) registry code or, in the case of a foreign legal person without a registration number, the number or letter combination considered equal to a registration number.
(6) Information concerning the punishments of a legal person is the following:
1) the name of the court which made a judgment, decision or ruling in the criminal or misdemeanour matter, the name of the extra-judicial body which made a decision in the misdemeanour matter, the date of making the judgment, decision or ruling and the number of the criminal or misdemeanour matter;
11) the date of commission of an offence;
2) the provision of the Penal Code or another Act which provides for the offence of the commission of which the person was convicted;
3) the type and term or category of the punishment imposed on the person for the criminal offence or misdemeanour;
4) the date on which the judgment, decision or ruling enters into force;
5) substitution, aggregating of punishments, or basis for and date of waiver of enforcement of a punishment;
6) the date of payment of the amount of pecuniary punishment or a fine;
7) the date of enforcement of the judgment for compulsory dissolution.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]

§ 13.  Obligation to notify database

(1) A court, an extra-judicial body which made a decision or the Office of the President of the Republic shall submit the data specified in § 12 of this Act to the authorised processor of the database within five working days as of the entry into force of a decision, judgment or ruling specified in § 6 of this Act.
(2) A bailiff, house of detention, prison or court, or a body conducting extra-judicial proceedings which has made a decision or supervised the execution of the decision shall submit the data concerning a person specified in § 12 of this Act to the authorised processor of the database within five working days after the person has fully paid the fine imposed as punishment or the pecuniary punishment, performed the community service, served the detention or been released from prison or the administration of addiction treatment of drug addicts or complex treatment of sex offenders has been terminated with regard to the person. Within the same term, the authorised processor of the database shall be informed of the expiry of the limitation period for the execution of a judgment or decision pursuant to § 82 of the Penal Code.
[RT I, 15.06.2012, 2 - entry into force 01.06.2013]
(3) The agency having submitted the data is responsible for the correctness of the data submitted.
(4) The agency or the official specified in subsections (1) or (2) of this section shall submit the data specified in § 12 of this Act to the authorised processor of the database electronically through the e-file system. The Office of the President of the Republic may submit the data specified in § 12 of this Act to the authorised processor of the database electronically through the e-file system.

§ 14.  Interbase cross-usage of data

The authorised processor of the database is permitted to make electronic queries and obtain information from other state or local government databases in order to perform the functions assigned thereto by law.

Chapter 3 Release of Database Data  

§ 15.  Right to obtain data from database

(1) Everyone has the right to obtain data from the database, unless otherwise provided by law.
(2) Data shall be released from the database on the basis of a query setting out the following:
1) the person concerning whom the data are requested;
2) the name and personal identification code of the applicant, in the absence of a personal identification code the date of birth;
3) if the data are requested on behalf of a legal person, the name and the registry code of the legal person shall be also indicated or, in the case of a foreign legal person without a registration number, the number or letter combination considered equal to a registration number;
4) the address or e-mail address of the applicant;
5) the name and number of the identity document of the applicant.
6) the signature in the case of paper applications, the digital signature in the case of an application submitted by e-mail.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(3) Registry data regarding a minor, data from the archives of the database and data obtained from another member state of the European Union shall be issued under the conditions and pursuant to the procedures provided for in this Act.

§ 16.  Prohibition on demand of data

(1) It is prohibited to demand data concerning a person which are contained in the database or the archives of the database from that person.
(2) A person has the right to authorise another person to make a query to the database concerning the person.

§ 17.  Notice from database

(1) Notices from the database shall set out the addressee and date of the notice.
(2) Notices from the database shall be issued on paper or electronically.
(3) Notices from the database are issued electronically through the e-file system. If the data are requested on paper or by e-mail, the data are released within two working days after the date of receipt of the request.
(4) Notices from the database issued on paper shall be certified by the seal of the database and the signature of the authorised representative of the authorised processor of the database.
(5) Notices from the database sent by e-mail shall be signed digitally by the authorised representative of the authorised processor of the database.
(6) Data concerning queries submitted with regard to persons entered in the database and concerning issue of notices from the database shall be stored in the database for two years.

§ 18.  Release of data

(1) Database data are released as notices from the database which are the following:
1) an extract from the database;
2) a notice setting out that the person has not been entered in the database;
3) a notice setting out that the person has no punishments in force, if the data concerning the person in the database only contains the data of the archives of the database.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(2) The data specified in clauses 12 (1) 4) to 8), clause (3) 2) and clauses (4) 12) to 14) of this Act shall not be indicated in an extract from the database concerning natural persons.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(3) No information concerning punishments imposed for misdemeanours shall be indicated in an extract from the database concerning natural persons if the person was imposed a fine as a punishment which amount is less than 50 fine units, except in the case the natural person has repeatedly committed misdemeanours or if a supplementary punishment has been imposed in addition to the fine.
(4) If persons make queries about themselves or if the person making a query to the database is the person specified in subsection 19 (1) of this Act or if the person making queries to the archives of the database is the person specified in subsection 20 (1) of this Act, all the data specified in § 12 of this Act shall be indicated in an extract from the database.
(5) An extract submitted on the basis of a query of a person shall, at the request of the person, contain also the data specified in subsection 10 (2) of this Act concerning the date of the query and the person having made the query concerning the person.
(6) A printout of data certified pursuant to the procedure provided for in subsection 17 (4) of this Act is deemed to be an extract from the database on paper.

§ 19.  Right to obtain data concerning minors from database

(1) The following persons have the right to receive data specified in subsections 12 (1) to (4) of this Act concerning minors:
1) a legal representative of a minor concerning the minor represented;
2) a court for the purposes of hearing a matter subject to proceedings;
3) an investigative body and a prosecutor's office relating to a criminal matter subject to proceedings;
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
4) an extra-judicial body for the adjudication of a misdemeanour matter which is being processed;
5) a governmental authority for the purposes of performance of the functions provided by an Act or legislation passed on the basis of an Act;
6) the Office of the President of the Republic for the performance of functions provided by law;
7) the registration department of the Tartu County court for the purposes of making lawful database entries;
[RT I, 21.06.2014, 8 - entry into force 01.01.2015]
8) an employer for the purposes of verification of the conformity of a person with the requirements provided by law upon hiring the person;
9) a foreign agency on the basis of the legislation of the European Union or an international agreement;
10) a notary for the purpose of verification of the data concerning a person applying for a notarial act;
11) a probation officer for the performance of the functions prescribed to him or her by law.
(2) Database data shall be released on the basis of a query setting out the data specified in subsection 15 (2) of this Act and a reference to the legal grounds for receipt of the data.
(3) If a judgment of conviction passed on an accused who is a minor is disclosed under the conditions and pursuant to the procedure provided for in the Code of Criminal Procedure, data shall be released from the database concerning this pursuant to the procedure provided for in § 18 of this Act.

§ 20.  Right to obtain data from archives of database

(1) The following persons have the right to obtain data from the archives of the database:
1) any person as regards the data concerning the person;
2) a legal representative of a minor concerning the minor represented;
3) an investigative body for conducting pre-trial proceedings in a criminal matter;
4) the Government of the Republic, the Ministry of Internal Affairs, the police authorities and the Security Police Board, for the purposes of conducting the proceedings provided in the Citizenship Act, Aliens Act, Obligation to Leave and Prohibition on Entry Act and Grant of International Protection to Aliens Act.
5) a security authority for ascertaining the circumstances specified in clause 32 (1) 8) and clauses (2) 4), 5), 7), 8), 10), and 15) of the State Secrets and Classified Information of Foreign States Act;
6) the Security Police Board for the purpose of collection of information and surveillance agencies for the purpose of collection of information concerning prevention and combat of criminal offences;
7) a prosecutor's office for the purpose of conducting criminal proceedings and planning of surveillance activities;
8) a prison service for verification whether a person commencing studies in the area of specialisation of a prison officer or a person studying in the area of specialisation of a prison officer complies with the requirements of the law and for the purpose of assessing the criminogenic risks of a prisoner;
9) for the purposes of verification of the conformity of the person with the requirements provided by law upon hiring a person working with children for the purposes of the Republic of Estonia Children Protection Act in a position, service, alternative service, voluntary activities, to provide labour market services or to practical training involving minors, or upon issue of activity licences for work with children;
[RT I, 13.12.2013, 5 - entry into force 23.12.2013]
10) an employer upon hiring a person to employment or service in the cases specified in clauses 5 (2) 3) to 52) of this Act for the purposes of verification of the conformity of a person with the requirements provided by law;
[RT I, 18.02.2014, 1 - entry into force 01.08.2014]
11) the Ministry of Rural Affairs, the Estonian Agricultural databases and Information Board and a foundation of the state specified in subsection 65 (6) of the European Union Common Agricultural Policy Implementation Act for the purposes of implementation of the measures specified in subsection 2 (1) of the same Act and exercise of state supervision based on the above-mentioned Act;
[RT I, 04.12.2014, 3 - entry into force 01.01.2015]
12) for verification of conformity of applicants for membership in and members of the Estonian Defence League with the requirements of the Estonian Defence League Act;
[RT I, 20.03.2013, 1 - entry into force 01.04.2013]
13) the Ministry of Rural Affairs and the Estonian Agricultural databases and Information Board for the purposes of implementation of the measures specified in subsection 2 (1) of the Fisheries Market Organisation Act and exercise of state supervision.
[RT I, 05.12.2014, 1 - entry into force 01.01.2015]
(2) Data shall be released from the archives of the database on the basis of a query setting out the data specified in subsection 15 (2) of this Act and a reference to the legal grounds for receipt of the data.

§ 21.  Release of data from database and archives of database for research and statistical work

(1) Data shall be released from the database and archives of the database for the purposes of research or statistical work in compliance with the conditions provided for in § 16 of the Personal Data Protection Act.
(2) In order to receive data from the database for the purposes specified in subsection (1) of this section, a written application setting out the following shall be submitted to the authorised processor of the database:
1) the objective of the work and the nature of the data intended to be used;
2) the data requested by the person from the database;
3) the purpose and legal basis for requesting the data;
4) the name and address of the applicant;
5) the signature of the applicant;
(3) If a prior permission of the Data Protection Inspectorate is required according to § 16 of the Personal Data Protection Act, it shall be appended to the application submitted to the database.

§ 22.  Issue of notice from database to foreign states

(1) Notices from the database may be issued to foreign states in the cases and pursuant to procedure provided by the legislation of the European Union or an international agreement.
(2) An application of a foreign state submitted to the database concerning receipt of notices from the database and annexes thereto shall be submitted in the Estonian language or in another language in the cases provided by the legislation of the European Union or an international agreement.

§ 23.  Procedure for payment for release of data from database or archives of database

(1) Making of electronic data queries from the database and archives of the database is subject to a fee. The minister responsible for the area shall establish by a regulation the rates of fees of up to 4 euros payable for one query.
(2) Persons shall be exempt from payment of the electronic query fee in the case of query concerning the persons themselves and the persons who authorised them, likewise the persons specified in subsection 19 (1) and clauses 20 (1) 3) to 11) and 13 of this Act.
[RT I, 05.12.2014, 1 - entry into force 01.01.2015]
(3) Upon issue of notices from the issued on paper, a state fee shall be paid according to the rates provided for in the State Fees Act.
(4) Persons have the right to receive information concerning their own data in the database and the archives of the database and legal representatives of minors concerning the data of the minors represented in the form of notices from the database on paper once a year free of charge. A state fee shall be paid for subsequent queries.
(5) A state fee shall be refunded if the authorised processor of the database decides to refuse to release the data.
(6) The persons specified in clauses 19 (1) 2) to 11) of this Act are exempt from payment of state fees for the release of data from the criminal records database and the persons specified in clauses 20 (1) 3) to 11) and 13 of this Act for release of data from archives of the criminal records database.
[RT I, 05.12.2014, 1 - entry into force 01.01.2015]

Chapter 4 Deletion of Information Concerning Punishment from Database  

§ 24.  Terms for deletion of information concerning punishment from database

(1) Information concerning punishment shall be deleted from the database and transferred to the archives if:
1) one year has passed since the payment of a fine, service of detention, fulfilment of community service imposed for a misdemeanour or deprivation of driving privileges imposed as a principal punishment;
2) two years have passed since the payment of a fine or service of detention imposed for a misdemeanour provided for in the Taxation Act or another Act concerning a tax;
3) two years have passed since the termination of coercive psychiatric treatment;
4) two years have passed since the termination of administration of addiction treatment;
5) three years have passed since the enforcement of a pecuniary punishment judgment imposed for a criminal offence;
6) three years have passed since the end of the probationary period determined upon release on parole or conditional release from a pecuniary punishment;
7) three years have passed since the performance of community service;
8) five years have passed since an imprisonment of less than five years was served;
9) ten years have passed since an imprisonment of five to twenty years was served;
10) fifteen years have passed since an imprisonment of more than twenty years was served;
11) the limitation period for the execution of a judgment has expired pursuant to § 82 of the Penal Code;
12) the person has died;
13) the legal person is dissolved.
(2) If the offence was committed while the person was a minor, information concerning his or her punishment shall be deleted and transferred to the archives if:
1) one year has passed since the payment of a fine, service of detention, fulfilment of community service imposed for a misdemeanour or deprivation of driving privileges imposed as a principal punishment;
2) one year has passed since the termination of coercive psychiatric treatment or termination of administration of coercive treatment;
3) one year has passed since the termination of administration of addiction treatment;
4) two years have passed since the enforcement of a pecuniary punishment or a judgment for compulsory dissolution imposed for a criminal offence;
5) two years have passed since the end of the probationary period determined upon release on parole or conditional release from a pecuniary punishment;
6) two years have passed since the performance of community service;
7) three years have passed since an imprisonment of more than twenty years was served;
8) five years have passed since an imprisonment of five to ten years was served;
9) the limitation period for the execution of a judgment has expired pursuant to § 82 of the Penal Code;
10) the person has died.
(3) A supplementary punishment shall be deleted from the database after service of the supplementary punishment.
(4) Upon waiver of enforcement of a punishment, the information concerning the punishment shall be deleted from the database after submission of the information pursuant to the procedure specified in subsection 13 (1) of this Act.
(5) The authorised processor of the database shall be notified of a person's death by the vital statistics office and of dissolution of a legal person by the authorised processor of the commercial register.
(6) When information concerning punishment is deleted and transferred to archives, the information concerning punishment shall include the date of transfer of the data to the achieves. The information concerning punishments imposed for misdemeanours shall be preserved in the archives for ten years, the information concerning punishments imposed for criminal offences shall be preserved in the archives for 50 years as of the date of transfer to the achieves.
[RT I, 27.06.2013, 2 - entry into force 01.10.2013]

§ 25.  Running of term for deletion of information concerning punishment

(1) A term for deletion of the information concerning punishment from the database commences to run:
1) as of termination of the service of a principal or supplementary punishment;
2) as of the entry into force of a resolution granting a pardon.
(2) If a person is sentenced to life imprisonment, information concerning the punishment of the person shall not be deleted except in the case the person is released from life imprisonment or the person has died. In the case a person is released from life imprisonment, the term for the deletion of the information concerning the punishment shall be calculated on the basis of the punishment actually served. If a person has been released on parole, the term for deletion of the information concerning the punishment commences to run as of the termination of parole.
(3) If a convicted person has been sentenced to serve the punishment before expiry of the period of probation, the information concerning the punishment of the person shall be deleted upon expiry of the term for deletion calculated pursuant to the general procedure as of the date of release from the service of the punishment.
(4) If a person has been released from the service of a punishment before expiry of the term of the punishment or if the punishment has been substituted by another type of punishment, the term for the deletion of the information concerning the punishment shall be calculated on the basis of the punishment actually served.
(5) [Repealed - RT I, 27.06.2013, 2 - entry into force 01.10.2013]
(6) [Repealed - RT I, 27.06.2013, 2 - entry into force 01.10.2013]

§ 26.  Term for deletion of information concerning punishment on basis of resolution of President of Republic on grant of pardon

(1) If a person is released from the service of a punishment on the basis of a resolution of the President of the Republic on the grant of a pardon to the person, the term for the deletion of the information concerning the punishment shall be calculated on the basis of the punishment actually served until the resolution on grant of pardon.
(2) Upon mitigation of a punishment on the basis of a resolution of the President of the Republic on the grant of a pardon, the term for the deletion of the information concerning the punishment shall be calculated on the basis of the punishment actually served.

§ 27.  Deletion of information concerning punishment of person convicted by foreign court

Information concerning the punishment of a citizen or permanent resident of Estonia, an alien who holds a residence permit in Estonia or has permanent right of residence in Estonia or a legal person registered in Estonia who has been convicted by a foreign court shall be deleted from the criminal records database within the terms specified in subsection 24 (1) of this Act, unless otherwise provided by the legislation of the European Union or an international agreement.

§ 28.  Termination of disclosure of personal data

After deletion of the information concerning the punishment of a person from the database, the name of the person shall be replaced with initials or characters in disclosed court decisions or other disclosed decisions of officials which constituted the basis for the entry in the database. The name of the person shall not be replaced if the person has been convicted for an offence provided for in §§ 89 to 93, 95 to 112 or 114, subsection 133 (2), subsection 134 (2), §§ 135, 141 or 142, subsection 143 (2), clause 1431 (2) 1), §§ 144 to 146, 175 to 179, 184, 185, 187, 237, 255, 256, 268, 394, 403 to 405, 414, 415 or 418 of the of the Penal Code.

Chapter 5 European Union Criminal Records Information System  

§ 29.  Exchange of information concerning punishments with member states of European Union

(1) The Centre of Registers and Information Systems is the central authority of Estonia for exchange of information between member states.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(2) The Centre of Registers and Information Systems shall communicate the information concerning a judgment of conviction made against a citizen of a member state of the European Union in a criminal matter to the member state of nationality of the convicted offender or to the member state where the permanent residence of the person is. Information concerning a court judgment and later amendments thereto shall be communicated immediately.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(3) Exchange of information with the member states of the European Union shall take place through the European Union Criminal Records Information System.

§ 30.  Queries to databases of other member states and response to queries from other member states

(1) The Centre of Registers and Information Systems has the right to submit a query to a central authority of another member state concerning the information entered in the criminal records, if the information is requested by:
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
1) any person as regards the data concerning the person;
2) a legal representative of a minor concerning the minor represented;
3) a court for the purposes of hearing a matter subject to proceedings;
4) an investigative body relating to a criminal matter subject to proceedings;
5) an extra-judicial body for the adjudication of a misdemeanour matter which is being processed;
6) a governmental authority for the purposes of performance of the functions provided by an Act or legislation passed on the basis of an Act;
7) the Office of the President of the Republic for the performance of functions provided by law;
8) the registration department of the Tartu County court for the purposes of making lawful database entries;
[RT I, 21.06.2014, 8 - entry into force 01.01.2015]
9) an employer for the purposes of verification of the conformity of a person with the requirements provided by law upon hiring the person;
10) a notary for the purposes of verification of the data concerning a person applying for a notarial act;
11) a probation officer for the performance of functions prescribed to him or her by law.
(2) In the case of a query by a central authority of another member state, the Centre of Registers and Information Systems shall communicate a copy of the judgement of conviction and the information set out in subsection in § 32 of this Act, if responding to the query is in compliance with this Act.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(3) Upon making a query to a central authority of another member state, the Centre of Registers and Information Systems shall communicate the query within three working days as of the receipt thereof, except in the case it contains deficiencies which hinder the communication of the query. In such case the request shall be returned to the person having sent it for elimination of deficiencies.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]
(4) The form provided in Annex to the Council Framework Decision 2009/315/JHA of 26 February 2009 on the organisation and content of the exchange of information extracted from the criminal record between Member States (OJ L 93, 7.04.2009, p. 23-32) shall be used for making the requests and replying to the requests.
(5) Upon receipt of a query, the Estonian central authority is obligated to respond to it within ten working days. If the query is based on a wish of a person to obtain information from the database concerning that person, the central authority is obligated to respond to it within 20 working days.

§ 31.  Restrictions on use of personal data

(1) Upon transmission of information concerning punishments to another member state, the central authority may establish as a condition that they are used for the purpose of criminal proceedings only.
(2) If a convicting member state establishes as a condition for transmission of data that they are used for the purpose of criminal proceedings only, release of data to that member state is not permitted for any other purposes.
(3) The data obtained based on a request from another member state in the framework of criminal proceedings may be only used for the purpose of the criminal proceedings on which the request was based. The data obtained by a request made on any other grounds may be only used for purpose on which the request was based and to the extent determined by the member state having transmitted the data.
(4) The data obtained from another member state based on a request may be used for purposes other than the one on which the request was based if this is necessary to prevent endangering of public order or security.

§ 32.  Submission of data to another member state

Upon receipt of a query, the central authority shall transmit to the central authority of another member state the following data:
1) information concerning a convicted offender (all given names and surnames, date of birth, place of birth (city and state), sex, citizenship and, if available, previous name or names);
2) information concerning a judgment of conviction (the date of making the judgement of conviction, name of the court, the date on which the judgement enters into force);
3) information concerning the criminal offence for which the person was convicted (the date of committing and the name or legal assessment of the criminal offence and reference to the applicable legal provisions);
4) information concerning the contents of a conviction (principal punishment pursuant and supplementary punishments, other sanctions and subsequent decisions modifying the enforcement of the punishment);
5) information concerning a conviction, if entered in the criminal records database.

Chapter 6 Administrative Supervision over Processing of Information Concerning Punishment  
[RT I, 13.03.2014, 4 - entry into force 01.07.2014]

§ 33.  Administrative supervision

[RT I, 13.03.2014, 4 - entry into force 01.07.2014]
(1) Administrative supervision over compliance with the requirements provided for in this Act and legislation established on the basis thereof shall be exercised by the Data Protection Inspectorate (hereinafter Inspectorate) pursuant to the Personal Data Protection Act.
[RT I, 13.03.2014, 4 - entry into force 01.07.2014]
(2) If a person find that the rights of the person are violated or his or her freedoms are restricted in the course of processing of information concerning punishment, the person has the right to address the chief or authorised processor of the database, inspectorate or a court.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]

§ 34.  Correction of inaccurate data and notification of correction

(1) Inaccurate data shall be closed and corrected by the authorised processor of the database on the basis of an application of the person who submits the data, on the basis of a precept of the chief processor of the database or inspectorate or a court ruling.
(2) The authorised processor of the database is required to give immediate notice of a correction of data to the persons concerned.
(3) The Inspectorate is required to verify the correction of inaccurate data.
(4) The authorised processor has the right to close and correct, on own initiative, incorrect data by verifying, if necessary, the accuracy of the data with the person who submitted the data. The authorised processor shall not notify the persons concerned in the case of correcting data on own initiative.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]

Chapter 7 Implementation of Act  

§ 35.  Exceptions to running of term for deletion of information concerning punishment

[Repealed - RT I, 27.06.2013, 2 - entry into force 01.10.2013]

§ 351.  Consideration of interruption of term for deletion of information concerning punishment

(1) As of 1 October 2013, the term for deletion of information concerning punishment provided for in the criminal records database shall be deemed expired upon consideration of valid information concerning punishment and recurrence of offence in the proceeding of an offence upon expiry of the term provided for in § 24 of this Act, without regard to interruption of term for deletion of information concerning punishment.
(2) If the final judgement of conviction was made before 1 October 2013, the punishment in force and recurrence of the offence are considered according to the Act in force during the proceeding of the offence.
[RT I, 27.06.2013, 2 - entry into force 01.10.2013]

§ 36.  Criminal offences committed prior to the entry into force of Penal Code

In the case of issue of a notice from the criminal records database to a legal representative or employer of a minor or a person entitled to grant an activity licence for provision of services to minors, the offences committed prior to entry into force of the Penal Code, which are legally assessed in clause 115 (2) 3) and subsection 115 (3), subsection 1151 (2), §§ 116 and 117, subsection 118 (2), §§ 200, 2003 and 202 and clause 2026 (3) 2) of the Penal Code and equivalent criminal offences committed abroad shall be equivalent to the offences legally assessed pursuant to the Penal Code.

§ 37.  Implementing provisions related to transfer of criminal records database

(1) The functions, rights, obligations, state assets and records management related to the maintenance of the criminal records database shall be transferred to the Centre of Registers and Information Systems administered by the Ministry of Justice as of 1 January 2012. The activities related to transfer of the criminal records database from the area of government of the Ministry of Internal Affairs into the area of government of the Ministry of Justice shall be organised by the Government of the Republic or a minister authorised by the Government of the Republic.
(2) A notice concerning transfer of the criminal records database from the area of government of the Ministry of Internal Affairs to the area of government of the Ministry of Justice and a proposal to enter into an employment contract with the Centre of Registers and Information Systems on the terms and conditions proposed shall be submitted to an official of the criminal records database office of the Police and Border Guard Board in writing at the latest on 15 November 2011.
(3) The following rights acquired by the official of the criminal records database office of the Police and Border Guard Board who leaves from the position of an official to the position subject to contract of employment in the Centre of Registers and Information Systems shall be preserved during the time of employment in the respective position:
1) he or she shall continue to receive his or her former remuneration if the remuneration at the new position is smaller than the former salary;
2) an official who has at least three years of service by the time of release from service shall be entitled to receive one day of additional holiday for the third and each subsequent year, but not more than a total of 10 calendar days. If additional holiday is prescribed for officials in the collective agreement of an institution, the additional holiday granted based on this section shall not be added to the additional holiday granted based on the collective agreement;
3) write off of a study loan is granted pursuant to the procedure provided for in the Study Allowances and Study Loans Act;
4) the time till 1 January 2018 worked under an employment contract shall be included in the length of service upon increase of the pension on the basis of the Public Service Act.
[RT I, 26.03.2013, 2 - entry into force 01.04.2013]
(4) An official notifies the manager of the Centre of Registers and Information Systems about his or her consent to enter into an employment contract during the term determined by the latter which may not be shorter than two weeks after the date of receipt of the notice specified in subsection (2) of this section. If the official fails to notify of his or her consent within the specified term, the official shall be deemed to have opposed.
(5) Former officials who grant their consent for entry into an employment contract on time shall not be paid the compensation specified in subsection 131 (1) of the Public Service Act upon release from service.

§ 371.  Entry of information concerning punishment upon transfer of criminal records database

(1) No such information shall be entered in the criminal records database for the processing of which there is no legal basis.
(2) The information concerning the following criminal punishments shall be entered in the archives of the database:
1) a punishment imposed before 1 January 1992, with the exception of an imprisonment for a term of more than ten years and life imprisonment;
2) ten to twenty years’ imprisonment in the case of which more than ten years have passed from the date of enforcement thereof, if the person has not committed a new criminal offence during this time;
3) an imprisonment for a term imposed from 1 January 1992 until 31 December 2000 in the case of which the term for deletion of the information concerning the punishment provided for in § 24 of this Act has expired after the date of the enforcement thereof, if the person has not committed a new criminal offence during this time.
(3) Information concerning punishment for a misdemeanour which was entered in the database before 1 January 2010 shall be entered in the archives of the database.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]

§ 372.  Checking of correctness of information in criminal records database after transfer of criminal records database

(1) No information concerning punishment shall be entered in the criminal records database and information concerning punishment shall be deleted from the criminal records database if all the information provided for in subsections 12 (4) and (6) of this Act or a part thereof are missing and if the authorised processor of the criminal records database cannot find, through reasonable efforts, the decision which was the basis for the punishment. If the date of commission of an offence is missing, the authorised processor of the database shall indicate the date of making the decision as the date of commission of the offence.
(2) If the authorised processor of the database is unable to establish information concerning the service of a sentence through reasonable efforts and the limitation period for execution of the judgment provided for in § 82 of the Penal Code has expired, the authorised processor of the database may deem that the term for enforcement of the punishment has expired and delete the information from the database pursuant to the provisions of this Act.
[RT I, 27.06.2013, 2 - entry into force 15.07.2013]

§ 373.  Entry of data in archives of database

The data provided for in §§ 371 and 372 of this Act shall be transferred to the archives of the database by 15 July 2013.
[RT I, 27.06.2013, 2 - entry into force 28.06.2013]

§ 38.  Amendment of Republic of Estonia Child Protection Act

[Omitted from this text.]

§ 39.  Amendment to State Fees Act

[Omitted from this text.]

§ 40.  Repeal of Act

[Omitted from this text.]

§ 41.  Entry into force of Act

(1) This Act enters into force on 1 January 2012.
(2) § 37 of this Act enters into force on 15 November 2011.
Read Entire Law on www.riigiteataja.ee