Personal data processing policy

Data controller

1. Personal data controller of CERT.LV:

Name Institute of Mathematics and Computer Science, University of Latvia
Registration No of the Scientific Institution 381013
Taxpayers No 90002111761
Address Raina Bulvaris 29, Riga, LV-1459, Latvia
Phone +371 67085888
E-mail cert

Data Protection Officer

2. CERT.LV personal data protection officer – phone +371 67085888, e-mail cert

Data processing purpose and legal grounds

3. CERT.LV organises all events (lectures, workshops, conferences) based on „ Information technology security law”.

4. Processing of the personal data of event participants is done  to ensure participation in the event, publicity of the event, and necessary documentation for expense justification (“Information technology security law” and “Law on Accounting”).

5. Event participant by registering to the event confirms that he/she is informed and agrees to his/her personal data – name, surname, e-mail address, IP address, signature - processing by CERT.LV to:

5.1 Register participant for the event;
5.2 Identify him/her at the event as the registered participant;
5.3 To make a record of the participation in the event by the Participant and his/her organisation as required by the “Information technology security law”;
5.4 Supply a certificate of participation to the participant;
5.5 Provide necessary documentation for expense justification as required by the “Law on Accounting”.

6. At the event the video will be filmed and pictures will be taken. Live stream and the recording of the event will be available online at www.cert.lv, https://www.facebook.com/certlv, https://www.youtube.com/user/CERTLV, but photos will be used for the publicity in mass media, and on the CERT.LV profile in social networks Facebook and Twitter.

7. If the personal data processing mentioned above has been found unacceptable, on site attendance of the event is not possible, nevertheless CERT.LV is providing an opportunity to follow the event online at www.cert.lv.

8. If during the registration process the field “Would like to receive information on further CERT.LV events” has been checked, information on new events will be sent to the indicated e-mail address. To unsubscribe  please send an e-mail to kursi

Possible receivers of the data

9. CERT.LV has the rights to disclose the data:
9.1 If the information on the data has been requested by the data subject and CERT.LV has verified the identity of the requestor;
9.2 If the information on the data has been requested in writing by the authorities of the Republic of Latvia in the manner stated in regulatory enactments
9.3 If data subject has agreed to passing on the data to a different data controller/ processor?

10. You have rights to request information on third parties that have received your data unless the law of the Republic of Latvia states otherwise.

Access to your personal data and data transportability

11. Your data you can access or update on site or by sending request to cert, or a mail to Raina Bulvaris 29, Riga, LV-1459, Latvia. CERT.LV provides the data after identity of the requestor and rights to access the data have been confirmed.

12. You have rights to receive your data that have been available to CERT.LV in machine readable format.

Correction, deletion or processing limitation of the data

13. In case of changes you have an obligation to inform CERT.LV and update your data before the event.

14. If you have registered for the event and do object to the processing of personal data submitted with the registration form, CERT.LV upon your request deletes your data from the event participant list and your place is offered to the next candidate.

15. If you would like to delete your data or withdraw your consent, please send an e-mail to kursi. Before processing the request CERT.LV will perform person identification.

Data storing

16. Electronic certificate of participation is stored for 1 year. Data of the event application form and the record of the participation will be stored for 5 years to ensure proof requested in the “Information technology security law”.

17. Signed event registration forms of the participants will be stored for 5 years in accordance with the “Law on Accounting”.

18. If in the registration form the field has been marked stating consent to receive information on the future events, such information will be supplied to the e-mail address provided in the registration form until the consent will be withdrawn by sending such request to the e-mail address kursi. Data on consent to receive event information is stored with the registration information.

19. Video recordings of the events are stored till the content is no longer applicable for the task of improving information technology security. CERT.LV examines video recordings and their applicability yearly.

20. After the event several photos are selected to be used in the publicity activities in mass media, on CERT.LV website, and social networking  profiles. These pictures are stored for 5 years. The rest is deleted after 1 year.

Filing complaint

21. You have a right to file a complaint with the overseeing authority on potential violation of the personal data processing.