Cabinet of Ministers Regulations No. 634 in Riga on 16 august 2011 (pr. No 48 32 §) rules on transfer of personal data to be included in contracts of obligatory conditions Issued in accordance with the individual data protection act article 28, fourth paragraph 1. provisions laid down minimum conditions to be included in the contracts for the transfer of personal data to countries outside the European Union or European economic area Member States and which do not provide the level of data protection which corresponds in Latvia concerned the existing level of data protection (hereinafter referred to as the agreement).
2. the text of the Treaty is a Latvian language or several languages, one of which is the Latvian language. The text of the Treaty are authentic. The contract may enter into a separate agreement or its terms can be included in another agreement.
3. the contract includes responsibility and personal data identificējošo data receiving: 3.1 body, legal person – name, registration number, registered address, other contact information;
3.2. a natural person – given name, surname, personal code (if the person is not a personal code, date of birth, place of birth), the identity of the document data, address and other contact information.
4. the contract shall include the following: 4.1 physical personal data protection act and the personal data processing of personal data;
4.2. information on the transfer of personal data: personal data transfer 4.2.1 objectives;
4.2.2. categories of data subjects;
4.2.3. the types of personal data;
4.2.4. the intended transfer of personal data;
4.3 4.3.1. duties: to transfer personal data only in accordance with the personal data specified in the contract for the transfer of purpose and in accordance with the contract specified in the minimum of protection of personal data, technical and organisational requirements;
4.3.2. verifying the data recipient's ability to meet its legal obligations in accordance with the terms of the contract;
4.3.3. terminate the contract, if the personal data are requested to comply with the Treaty obligations;
4.3.4. to terminate the contract, if the recipient of personal data pursuant to national legislation, to carry out treaty obligations;
4.4. obligations on recipients of personal data: 4.4.1. process personal data only in accordance with the contractual transfer of personal data for the purpose of and in accordance with the contract specified in the minimum of protection of personal data, technical and organisational requirements;
4.4.2. do not keep personal data for longer than necessary for the purpose for which they are sent, and to ensure that personal data are accurate and timely renewed in accordance with personal data processing purposes;
4.4.3. to notify the webmaster for changes in laws or court decisions that prevent the recipients of personal data to fulfil the obligations under the Treaty;
4.4.4. get a written consent of the webmaster, if the beneficiary wishes to the processing of personal data transferred to another person, and to conclude a written agreement that is imposed on the person subject to the same obligations as the data importer under the contract concluded with the webmaster, as well as send the webmaster a copy of the new Treaty;
4.4.5. the webmaster and request of the data subject to provide knowledge and information to the data subject for the processing of personal data by the data importer, and information about those natural or legal persons, that of the data requested is received the information about the data subject;
4.4.6. to inform the webmaster of any request received directly from the data subject and to which the recipient of personal data is not empowered to give an answer;
4.4.7. to compensate the data subject to damage or loss if they are incurred contract failure;
4.4.8. make data State Inspectorate for the performance of its duties, the necessary information and documents related to the processing of personal data;
4.4.9. ensure the curator and the data State Inspectorate officials free access to the premises where the recipient shall process the personal data sent in personal data, access to all documentation, as well as personal data processing systems, processing plants or any media to check sent to the processing of personal data in compliance with the requirements of the contract;
4.4.10. to destroy or put back (as agreed in the contract) the personal data officer, all the processing tools and documents containing personal data, if the contract is terminated. If data destruction or transfer back to the webmaster is not possible, the recipient shall inform the webmaster about storage time limits and shall undertake to ensure the adequate protection of personal data expire while: 4.4.10.1. obligation of the data subject;
4.4.10.2. personal data requested by national laws and regulations do not provide for the right to destroy documents;
4.5. protection of personal data in the mandatory technical and organisational requirements, provided by the administrator and the recipient of personal data: 4.5.1. information on the physical protection of personal data arising from exposure to hazards;
4.5.2. information on protection, which is implemented by means of the software, passwords, encryption, kriptēšan, and other logical protection products;
4.5.3. the condition that at the technical and information resources can be accessed only by authorized persons;
4.6. responsibility and obligations on recipients of personal data save information on 4.6.1. personal data: processing time;
4.6.2. the person who processed personal data;
4.6.3. personal data that have been processed.
5. Disputes concerning non-compliance with the Treaty by the Republic of Latvia the appearance in Court of the Republic of Latvia in accordance with the law applicable in the territory.
6. the State inspection of samples of the Treaty published on its website.
7. the administrator up to 2014 may 1 to ensure that the contracts concluded before the entry into force of the provisions, in conformity with these rules.
Informative reference to European Union Directive provisions included in the law arising from the European Parliament and of the Council of 24 October 1995 directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
Prime Minister v. dombrovsky ad interim Minister for the Interior, the Minister of justice a. Štokenberg in