Published: 20.05.2020.
Updated: 29.11.2021.

Riga City Municipality must collect, process and use certain types of information about individuals and organizations, in order to perform its direct functions and services in the most effective way.
Depending on the requested or provided service or the performed function, the processing of personal data may take place within the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Personal data may refer to both the former and current users of Riga City Municipality services; former, current and potential employees of Riga City Municipality; suppliers, service providers and persons who cooperate and communicate with Riga City Municipality.
In accordance with external legislation (laws, regulations of the Cabinet of Ministers, binding regulations of the Riga City Council), Riga City Municipality from time to time needs to collect, process and use certain types of personal data that is necessary for the City Municipality to fulfil its functions and obligations.

With this Personal Data Protection Policy, the Riga City Municipality wishes to emphasize its strong commitment to provide the protection of personal data and states that in all your communication and cooperation with the Riga City Municipality, it will try to ensure the security of the processed personal data. 

Riga City Municipality on a daily basis generates, collects and otherwise processes personal data on a large scale and in various ways. This information may be obtained from you by submitting applications, or by using the Riga City Municipality portal e-riga to receive Riga City Municipality services, as well as we obtain information about you from other sources, for example, from the government information systems, third parties and public sources when it is necessary to ensure the functions and tasks assigned to the local government by regulatory acts.
The Controller of the data is the Riga City Municipality, in the person of specific department or institution that determines the purposes and means of processing personal data.

Address of Riga City Municipality: Ratslaukums 1, Riga, LV-1539, e-mail: riga@riga.lv

The Personal Data Protection Officer is the Riga City Council Data Protection and Information Technology and Security Centre, address: 5 Kr. Valdemara Str., Riga, LV-1010, e-mail: dac@riga.lv.

Riga City Municipality can process your personal data in the paper or electronic format, by telephone, or performing video surveillance. The processing of personal data may be performed by an employee of the Riga City Municipality or some of the Riga City Municipality processors with whom the Riga City Municipality has a contract. The City of Riga Municipality ensures the compliance with the principles of personal data protection when processing your personal data.

Riga City Municipality:

  • processes personal data in a lawful, fair and transparent manner to the data subject;
  • processes personal data adequately, appropriately and only to the extent necessary for the purposes of the processing;
  • processes personal data in such a way as to ensure adequate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage by appropriate technical or organizational measures;
  • personal data are kept for no longer than is necessary for the purposes for which the personal data concerned are being processed;
  • You will be informed why Municipality needs your personal data and what will be done with your personal data;
  • Only accurate personal data are processed and, if necessary, kept up to date;
  • collects personal data only for specified, explicit and legitimate purposes and will not process it further in a way incompatible with those purposes. Except if necessary to fulfil the statutory functions and obligations.

Riga City Municipality processes personal data and special categories of personal data.

Personal data is information that is related to an identified or identifiable natural person, such as your name, surname, personal identification number, date of birth, contact information (to ensure effective communication), information that we ask you to provide in order to receive services provided by the municipality , etc.

Special categories of personal data is information that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs or membership in trade unions, and genetic data and biometrics, to perform processing of unique identification of individual, health data, or data on an individual's sexual or sexual orientation.

The processing of personal data is necessary for the Riga City Municipality to fulfil its functions and tasks, as well as to provide services, for example, to ensure the education of the population, to provide social assistance to the population.

In some cases, the City of Riga Municipality stores your personal data in an archive for the purpose of preserving evidence, for historical purposes, or they are used for research or statistical purposes.

Sometimes it is necessary to process personal data in order to protect individuals from harm, to protect public order, to prevent or investigate violations, to comply with the law and to provide the information in accordance with the rights of individuals.

Riga Municipality will only process your personal data when there is a legal basis for doing so.

The main legal bases for the processing of your personal data by the City of Riga are that such processing of personal data is:

  1. is necessary for the performance of a legal obligation incumbent on the municipality; and
  2. is necessary for the performance of a task carried out in the public interest or in the exercise of official authority given to the controller.

Additional legal bases may include:

  • The processing is necessary to execute the contract or to take action upon your request prior to the conclusion of the contract;
  • You have approved the processing of your personal data for one or more specific purposes;
  • processing is necessary to protect your vital interests or vital interests of another person that is life and health.

If we will need your consent to process your personal data, we will ask you to provide it.

If you wish to revoke your consent, you may revoke it at any time by contacting your local Visitor Reception Centre or otherwise contacting the appropriate authority in the municipality to which you have previously given your consent.

To provide you with an efficient service and to perform our functions, we sometimes exchange the information between authorities, departments and municipal corporations, as well as other organizations that provide services on our behalf.
When you submit your personal data to one unit or institution of the Municipality, the data may be transferred to other units and institutions within the municipality to the extent that it is appropriate, proportionate and proportionate for the City of Riga to perform its functions and provide its services.

Riga City Municipality may transfer your personal data to other organizations when it will be necessary and permissible or it will be required by law, including, it will possibly transferred to other state and municipal authorities. Personal data may be transferred to processors (natural or legal person, public authority, agency or other institution that processes personal data on behalf of a municipality) if it will be necessary for the performance of municipal functions and services.

The Riga City Municipality may transfer your personal data to third parties, but only when it will be necessary to fulfil your legal obligations or as permitted by personal data protection legislation.

For example, Riga City Municipality may transfer your personal data to:

  • Office of Citizenship and Migration Affairs
  • State Revenue Service;
  • Ministry of Education;
  • Social service providers;
  • State Land Service.

When providing the services, we will provide you with more accurate information about the recipients of your personal data or the organizations that will be involved in providing the services on our behalf, or with whom we will exchange information and your personal data.

We will exchange your personal data with organizations or suppliers or service providers who provide sufficient guarantees that appropriate technical and organizational measures will be implemented in a way that the data processing will comply with legal data protection requirements and the data subject's rights will be protected, as well as those who are able to fulfil the obligations laid down in the legislation on the protection of personal data. These warranties and conditions are set forth in the agreements with organizations and third parties.

We will not use your personal data for commercial shipments unless you have explicitly given your consent to us to do so.

Your personal data will normally be stored and processed in the European Economic Area.

In certain cases, if it will be necessary to transfer your personal data outside the European Economic Area, we will do so when we have the rights to do so and ensuring adequate level of protection.

Riga City Municipality will store your personal data only for as long as it is necessary to perform its functions and for as long as their storage is required by law. The period for which we will keep your personal data depends on the purpose for which it was collected and in accordance with the Law of Archives. 

Your rights

  • The rights to be informed about why we process and use your personal data.
  • The rights to request information about what personal data we store about you. We provide this information free of charge. We are obliged to reply within one month, unless we extend the reply to three months, taking into account the complexity and number of requests. 
  • The rights to correct data. You have the rights to correct the data if it is inaccurate or incomplete. We are obliged to reply within one month. If we decide not to correct the data, we will explain to you why we will not correct it and provide you with information about your rights to file a complaint to the Data State Inspectorate.
  • The rights to delete (the right to be "forgotten"). You have the rights to request the deletion of your personal data or the termination of their processing. We will not always be able to comply with your request, for example if we are required to retain information. If we decide not to delete the data, we will explain to you why we will not delete it and provide you with information about your rights to file a complaint to the Data State Inspectorate.
  • The rights to restrict processing. In certain cases you have rights to restrict the processing of your personal data, for example if the information is inaccurate. If the processing of personal data will be restricted, we may retain relevant information to ensure that these rights are respected in the future. If we decide to remove such a restriction, we will notify you.
  • The rights to data portability. If we process your personal data in accordance with your consent or based on the contract, and it is stored in a structured, widely used and machine-readable format, you have the rights to request the transfer of personal data directly from one data controller to another, if that is technically possible. These rights do not refer to personal data that are processed in order to perform a legal obligation incumbent on the municipality or for the performance of a task carried out in the public interest or to fulfil an official powers of the municipality.
  • The rights to object. You may object to the use of your personal data for profiling, direct marketing purposes or for scientific or historical research or statistical purposes, unless the processing is necessary for the performance of a task carried out in the public interests.
  • Automated individual decision making, including profiling. You have the rights not to be the subject of a decision based solely on automated processing, including profiling, which for you has legal consequences or which similarly significantly may affect you.

You can find the information on the use of cookies on each website of the municipality

Riga City Municipality conducts video surveillance of public places for the following purposes: reduction of risks to public order and public security, prevention or detection of criminal offenses related to property protection and protection of vital interests of persons, including life and health, control of human and transport flows, monitoring of metrological conditions.

The legal basis for video surveillance is the legitimate interests of the Riga City Municipality - to realize the legitimate interests of the Riga City Municipality arising from the law. The legitimate interests or purposes of personal data processing for video surveillance are following:

  • Protection of the buildings and property of Riga City Municipality institutions;
  • Safety of employees and visitors of Riga City Municipality institutions;
  • Reduction of risks to public order and public security;
  • Crime prevention;
  • Assisting and prosecuting the detection of criminal offenses and administrative offenses
  • Ensuring the health and safety of employees and visitors of Riga City Municipality institutions;
  • Resolving the disputes arising in the disciplinary or legal proceedings;
  • Ensuring the interests of persons in initiating civil proceedings or defending rights.

Video surveillance in the municipality is performed using stationary video cameras, mobile video cameras, unmanned aerial vehicles and other types of aircraft flights that do not qualify as aircraft, or other devices that used to acquire and store video surveillance records.
Depending on the situation, municipal institution or structural unit that performs video surveillance, the recipients of personal data of a may be persons who perform security functions; persons who technically service the video surveillance system; the persons specified in external regulatory acts, if they submit a request, in accordance with the provisions of regulatory acts; for the protection of the legitimate interests of the data controller, for example, by applying to a court or other state institutions against a person who has infringed these legitimate interests.

Riga City Municipality informs about the video surveillance before the video surveillance zone. These video surveillance recordings may only be accessed by authorized persons in the context with specific personal data processing purposes or in order to ensure that the system is operational.

Riga City Municipality stores video surveillance records for the period of no longer than 30 (thirty) days. In individual exceptional cases, municipal institution, performing the assessment with regard to data protection, the term of data storage period for video surveillance records may be longer.

Video surveillance performed by Riga municipal police. Purpose of personal data processing: prevention of the threat to public order and public security. Legal basis for personal data processing: Regulations of the Cabinet of Ministers of 21 March 2017 No. 153 “Procedure how the police makes observations using technical means, and the order how acquired data is processed”.

Data obtained from video surveillance, in which a threat to public order, a criminal offense, a wanted person or vehicle, a threat to the security of a police building, premises and territory, detainees and guarded object has been identified, shall be kept for the completion of administrative violation proceedings, administrative proceedings or departmental inspections administrative violations completion at a police station, but for no longer than three years. The police keeps the data obtained from video surveillance for three months.
You have the rights to receive your personal data in the cases specified by law, to request their deletion, to restrict their processing or to object to the processing.

In order to perform the rights of its data subject, you have to submit a request (application) in a written form to the institution of Riga City Municipality in person, presenting an identity document; or electronically, by signing an application with a secure electronic signature, or by submitting an application using the portal latvija.lv. Please note that additionally you have to submit your photo not older than one year, as well state as the date, time and place on what you want to receive the information.

The institution of Riga City Municipality will ensure the fulfilment of data processing and protection requirements in accordance with legal acts and in case of objections will take useful actions to resolve the objection. However, if this fails, you have the rights to apply to the supervisory authority - the Data State Inspectorate.

In order to ensure transparency and accessibility of decision-making, the public meetings of Riga City Council are broadcasted online on the Internet, and later they are available on the website of the municipality. In these public broadcasts only the public figures recorded, i.e. deputies and employees of Riga City Municipality, when they are speaking and debating at the meetings.

Data protection breach

If you are concerned about what we do with your personal data, or you think that something has happened inappropriately, for example, if you receive a letter from the Riga City Municipality that is not addressed to you, please contact the Data Protection, Information Technology and Security Centre of Riga City Council, reporting a possible personal data protection breach.

Complaints and comments

If you want to make a complaint or comment on how Riga City Municipality processes personal data, you can write to a specific municipal institution or to the Data Protection Information Technology and Security Centre of Riga City Council. If you still are not satisfied with the way Riga City Municipality handles the complaint, you can contact:

Data State Inspectorate 
11/13-11 Blaumana Str.,
Riga, LV-1011
Telephone: 67 22 31 31
Fax: 67 22 35 56
Email: info@dvi.gov.lv

Riga City Municipality receives personal data if you are interested in the local government by using social networking accounts like Twitter, LinkedIn, Instagram, Facebook, Youtube, technically maintained by other providers.

The municipality maintains social network accounts on these platforms in order to provide information on the functions of the local government and the possibilities to provide them by electronic application. In addition, the municipality through social networks provides information to the public on the topical issues of the municipality, as well as the possibility for visitors to social network accounts to express their views or to ask questions regarding the provision of local government functions in accordance with the Law “On Local Governments” and Binding Regulations No.114 “Riga City Municipality Regulations “  of March 1st, 2011 within the specified competence.

The municipality reviews reports or information recorded by a person in the relevant social network account, but the reports or information is stored by the relevant social network provider. The municipality does not carry out further processing of personal data relating to reports or information available on the relevant social network.

The social media provider must have its own privacy policy (data processing policy) that informs the user how the personal data is processed through the social networks. For example, if you choose to watch any of the local government’s videos on YouTube, you will be asked to accept YouTube cookies. If you visit the local government’s Twitter account, you will be asked to accept Twitter cookies. The same goes for LinkedIn.

If you have questions about the processing of personal data in social networks, including the use of personal data, read the privacy policies carefully before using these social networks. If you want to use social networks, you must adjust your social account privacy settings on any third-party site to suit your wishes.

Please note that the accounts that the municipality is following do not indicate the views of the municipality.

The accounts of the local government social networks are administered by the Departments and institutions of Riga City municipality.

We are pleased to see different views in our social network accounts, yet we ask you to respect the basic principles of good behaviour. Please respect the other users of social networking accounts and avoid offensive language. The municipality has the right not to respond, hide or delete comments that are defamatory, racist, spamming, repeating, which do not matter and /or are commercial. Users of social network accounts who publish violent, threatening or unambiguously illegal content will be blocked. We recommend inserting comments that are related to the particular topic and contributing to the debate.

The municipality may archive information which users submit or publish by contacting the local government, using municipality’s social network accounts on third- party sites, for example, by sending a report, inserting a comment “following”, “friendly” or carrying out similar activities. This information may contain personal data, such as personal user’s name and other public social account information, if available, based on user’s privacy settings and site rules.

In order to perform statistical analysis and to improve the quality of local government services, the municipality may integrate web measurment tools into its social network pages. These tools allow basic analysis of social network data flows, such as the number of people who visit a specific page but do not collect personally identifiable information.

The municipality may use the data submitted by you and automatically generated data from sites for statistical analysis to, for example, assess what kind of information is interesting to the  social network users as well as the performance capacity  of the system. The local governement may use your information to detect, prevent and respond to security issues and other harmful or illegal activities.

Information that you choose to share with your municipality (directly and through third party sites) can be considered public. The municipality may, for example, publish reports or summaries of comments collected using the social network accounts of the municipality and transfer them to the councillors of the Riga City Council and the local government employees, press representatives or other persons outside the municipality. In order to protect your privacy , the municipality , when disclosing the above reports, will minimise the disclosure of personal data submitted.

Filming or photography may be carried out at the events organised by the municipality with an aim to inform the public about the topical issues of the municipality, or by fulfilling the requirements of the financing agreement of the specific event and photographs or video records may be published in the social network accounts of the municipality  or other publications in the mass media. In such case the organiser of the event informs the participants of the event thereof, by sending a notification or by placing information at the place of the event or by informing them orally at the time of the event.

If children participate in the event, filming or photographing thereof is performed only if a personal or written consent has been received from the lawful representative of the child (mother or father of the child, or guardian) except if it is for the purposes of academic, artistic or literary expression.

The municipality can change this Policy from time to time to time to include our latest personal data protection conditions. When we make changes to this Policy, we will change the date of the last fixes specified in this Policy.