Published: 12.10.2020.
Updated: 29.04.2025.

General Privacy Policy of the Unified Website Platform

The webmaster of the Unified Website Platform highly values your privacy and data protection. We assume that you have read this Privacy Policy which requests your consent to the processing of your personal data before the provision of such personal data and that you agree to the processing of your data.

Public administration is committed to ensuring openness and transparency, therefore this Privacy Policy describes the methods and purposes for the processing of the personal data transferred by you for processing on the Unified Website Platform. Before processing personal data, we evaluate the lawfulness of the data processing activity. We process personal data based on official mandate and legal obligations related thereto.

The Privacy Policy of the Unified Website Platform aims to provide general information on the personal data processing activities organised and performed by the State Chancellery in accordance with the principles of personal data processing provided in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter – GDPR).

The personal data controller of the Unified Website Platform is the State Chancellery. The personal data processors of the Website Platform are the institutions whose websites are placed on the Unified Website Platform, the maintainer of the platform is the State Digital Development Agency (SDDA), the Web host is the Information Centre of the Ministry of the Interior (ICMI), and the technical service provider is the Latvia State Radio and Television Centre (LSRTC).

On the Unified Website Platform, your personal data shall be processed for the achievement of the legal interests of State administration institutions, the fulfilment of obligations specified in legal acts, the fulfilment of contractual obligations, the provision of information to the public, and also other abovementioned purposes.

The legal basis for the processing of personal data within the scope of the services managed on the Unified Website Platform is provided in the following legal acts:

Employees of the parties involved in the operation of the Unified Website Platform will only process personal data for the performance of their official duties or on behalf of or under the instruction of the institutions in compliance with the basic principles of personal data processing and confidentiality requirements set out in the institution’s internal documents.

An employee may not process personal data obtained during the performance of official duties for his or her own or other persons’ personal purposes. When processing personal data within the scope of their official duties, the personal data processors will minimise the risk of personal data coming into possession of unauthorised persons as a result of actions or omissions.

On the Unified Website Platform, your personal data is processed in accordance with the confidentiality requirements and by ensuring the security of the data in held by the Unified Website Platform. The personal data processors of the Unified Website Platform take various security measures to prevent unauthorised access to your data, disclosure of data or other inappropriate use of personal data. Based on the applicable level of security, proper processing and storage of data, and also data integrity is ensured. Proportionate and appropriate physical, technical, and administrative procedures and means to protect the personal data collected and processed on the platform are used accordingly. Security measures are constantly improved in accordance with the applicable security requirements and by complying with the relevant data protection principles, and to the extent necessary for the data processing purposes.

Personal data are protected with means of data encryption, firewall and other data network security breach detection solutions. The personal data processors of the Unified Website Platform ensure the confidentiality of data and take appropriate technical and organisational measures to protect personal data against unauthorised access, unlawful processing, disclosure, accidental loss, distribution or destruction in compliance with appropriate data protection principles and to the extent necessary for the data processing purposes. Personal data protection measures are constantly improved and enhanced to prevent a decrease in the level of personal data protection.

Principles for the protection of personal data apply to:

  • the personal data processed in the information technology infrastructure (servers, local computer networks, and application software);
  • the personal data transmitted in the data transmission network, if any;
  • the information systems used for the provision of work which are administered by the institutions whose websites are placed on the Unified Website Platform;
  • the electronic documents developed, registered and in circulation containing personal data.

You may withdraw your consent (if such has been requested from you and you have given it) to the collection, processing, and use of your personal data at any time. The personal data controller of the Unified Website Platform will assess your claims based on its legal interests. If the personal data are no longer needed for the pre-defined processing purposes, they will be deleted.

The webmaster of the Unified Website Platform is responsible for the personal data processing and processes personal data with means that must prevent the misuse, unauthorised disclosure, and alteration of personal data.

In order to improve the communication of State administration institutions, the personal data controller monitors the received personal data. Such data may be used in an aggregated form to draw up review reports that can be disseminated between the State administration institutions of Latvia. Reports are anonymised and do not contain any personal data.

The Unified Website Platform contains access data of the registered and public users, usernames, information selection parameters, traffic information, and Internet Protocol (IP) access address information. The Unified Website Platform uses cookies to provide information on visitor activity, visited pages, sources, and time spent on the site. This information is collected to improve the ease of use of the website and collect information on the interests of visitors in order to ensure that the best possible service is provided to you. Only the minimum amount of personal data that is necessary to achieve the processing purpose is processed.

Your personal data are stored on the websites only for as long as it is necessary for the purposes for which they were collected. The personal data processors of the Unified Website Platform who have access to such data are trained to handle them properly and in accordance with the regulatory data security framework.

Personal data are stored for as long as there is a legal obligation to store personal data. At the end of the data storage period, the data will be securely deleted or depersonalised so that they can no longer be attributed to the data subject.

The personal data stored on the Unified Website Platform is considered restricted access information and can only be disclosed to third parties in the cases and in accordance with the procedures, and to the extent specified in legal acts or concluded agreements. When transferring personal data to the contractual partners of the Unified Website Platform (independent controllers), additional provisions for the processing of personal data are be included in the agreements.

Websites contain links to other sites which have different terms of use and personal data protection rules.

The cooperation between the institutions involved in the implementation of the Unified Website Platform is governed by the adopted legal acts. If you have any questions or complaints relating to the processing and protection of personal data in the Unified Website Platform, please contact the State Chancellery by sending an e-mail to pasts@mk.gov.lv or the responsible personal data controller of the State Chancellery Aldis Apsītis (e-mail address: aldis.apsitis@mk.gov.lv).

The person responsible for the processing of personal data on the website www.pmlp.gov.lv is Uldis Apsītis, Uldis.Apsitis@pmlp.gov.lv.

Data subjects have the right to submit complaints regarding the use of personal data to the State Data Inspectorate (www.dvi.gov.lv) if the subject believes that the processing of his or her personal data violates his or her rights and freedoms in accordance with the applicable laws and regulations.

The Unified Website Platform uses cookies and warns the website users and visitors thereof.

The Unified Website Platform uses cookies to fulfil the obligation specified in Paragraph 23 of the Cabinet Regulation No. 399 of 4 July 2017, Procedures for Accounting, Quality Control and Provision of State Administration Services, as well as in Section 10 of the State Administration Structure Law to obtain traffic and usage statistics in order to improve the ease of use of the Unified Website Platform. You are provided with the possibility to read the Cookie Policy and decide whether to give your consent to the collection of statistics, as well as to choose the option to share the content in social media. In the opt-in consent window, you are given the option to opt out of cookies by selecting “Reject”. The exception is the mandatory technical cookie which is enabled by the browser for the duration of the connection session. You can change your cookie preferences in the footer of the website by selecting the link "Changing cookie preferences".

Cookies are small text files which are stored on the memory of your computer or mobile device when visiting a website. During each next visit, the cookies are sent back to the website of origin or to any other website recognising the cookies. The cookies operate as a memory of the particular website, enabling the site to remember your computer or mobile device during next visits, and the cookies can also remember your settings or improve the user experience.

The cookies used can be divided into essential technological cookies without which the provision of the service is technologically impossible or significantly restricted, performance cookies and social media cookies.

By using the website you agree that the performance cookies placed on this website are used for the purpose of improving the quality of services in compliance with the State administration principles specified in Section 10 of the State Administration Structure Law which provide that the State administration must be organised in a way that is easily accessible to an individual and also the fulfilment of the obligation of the State administration to improve the quality of services provided to the public, to simplify and improve procedures for the benefit of natural persons.

When using third-party resources embedded on this website (for example, YouTube, Flickr, etc.), third-party cookies might be placed on your browser.

The website uses the following cookies:

  • Essential cookies:
    • SESS<ID> – this cookie is essential only for content administrators to ensure authentication (ID is replaced by a unique name created for each session).
    • maintenance_message – this cookie is necessary for all users to prevent the content or platform administrator’s notifications from reappearing (those which the content user has read and closed with the "Close" button).
    • allowCookies – this cookie determines whether you have agreed to the terms of use of cookies and whether to display a statement about the use of cookies in the future.
  • Performance cookies. This webpage uses the Google Analytics service made by Google Inc. which uses the cookies stored on your computer to enable analysis of how you use the relevant website. The information generated by the cookies about how you use the website is sent and stored to the Google server. Your IP address, when applying IP anonymisation, is shortened within the territory of the European Union or the European Economic Area. Google uses the information in order to assess how you use the particular website in order to prepare reports for website providers about activities on the relevant websites and to provide other services related to the use of websites and the internet. Google will never link the IP address received here with any other information being at the disposal of Google. In case of need, Google may provide this information to third parties if it is stipulated in laws or if third persons perform the processing of such data on the assignment of Google.
    • _ga, _gat, _gid – these three cookies are necessary for all users to allow traffic data to be passed to the Google Analytics statistics collection tool.

If you do not accept the use of performance cookies, traffic data will not be included in Google Analytics statistics.

  • Social media cookies:
    • _cfduid – this cookie is necessary for all users to share a content item on their social networks.

Refusing cookies 

You may reject the creation, storage, and processing of such statistics by manually disabling the use of the cookie handling mechanism in your browser at any time.

You can change or delete your cookie settings in your browser settings. We have added links to cookie management information resources for the most popular browsers:

More information on how to control cookies according to your device’s browser can be found at: www.aboutcookies.org.

Data Controller's Identity and Contact Information
 

Office of Citizenship and Migration Affairs
Registration No. 90000050138
Čiekurkalna 1.līnija 1, K-3, Riga, LV1026
pasts@pmlp.gov.lv

 

The purpose of the Privacy Policy of the Office of Citizenship and Migration Affairs (hereinafter  the Office) is to provide you with information about the purposes the Office processes personal data, the categories of personal data, the legal basis for personal data processing, retention periods, recipients of personal data, as well as to inform you of your rights and obligations.

The Office processes personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter  the GDPR) requirements.

The Office's Privacy Policy applies to any natural person whose personal data is processed by the Office, regardless of whether the personal data is obtained from the data subject (in paper form, electronically, by telephone) or from other sources.

Contact information for the Office's Data Protection Officer: DAS@pmlp.gov.lv. The Data Protection Officer does not provide general consultations on compliance of personal data processing with the GDPR and the Personal Data Processing Law, but performs the tasks specified in Article 39 of the GDPR, as well as provides general information about the personal data processing carried out by the Office.

 

Purpose of Personal Data Processing, Legal Basis, Data Types and Data Collection Sources

Personal data is processed for the following purposes:

  1. To create, maintain and develop the state information systems under the Office's management, the Office shall process such types of personal data as specified in the regulatory act on the operation of the relevant information system and received from you as the data subject, state and local government institutions, and information systems under the management of these institutions, natural and legal persons who are required by law to provide information for integration in the information systems managed by the Office.
  • Register of Natural Persons (Law on the Register of Natural Persons, Regulation of the Cabinet of Ministers No. 372Regulations Regarding the Amount of Information to be Included in the Register of Natural Persons” of 15 June 2021, Regulation of the Cabinet of Ministers No. 412 Procedures for the Inclusion and Updating of Information in the Register of Natural Persons of 22 June 2021)
  • Register of Residence Permits (Immigration Law, Regulation of the Cabinet of Ministers No. 564 Regulations Regarding Residence Permits” of 21 June 2010)
  • Register of Work Permits (Immigration Law, Regulation of the Cabinet of Ministers No. 55 Regulations Regarding Employment of Foreigners of 28 January 2014)
  • Register of Invitations (Immigration Law, Regulation of the Cabinet of Ministers No. 564Regulations Regarding Residence Permits of 21 June 2010)
  • National Visa Information System (Immigration Law, Regulation of the Cabinet of Ministers No. 676Visa Regulations of 30 August 2011)
  • Information System of Personal Identification Documents (Personal Identification Documents Law, Regulation of the Cabinet of Ministers No. 601 “Regulations on the Information System of Personal Identification Documents” of 3 October 2017)
  • Register of Returned Foreigners and Entry Bans (Immigration Law, Regulation of the Cabinet of Ministers No. 122 Regulations Regarding the Register of Returned Foreigners and Entry Bans of 5 March 2013)
  • Acquiring and Loss of Citizenship Information System (Citizenship Law, Regulation of the Cabinet of Ministers No. 98 Regulations on the Acquiring and Loss of Citizenship Information System of 7 March 2023)
  • Register of Asylum Seekers (Asylum Law, Regulation of the Cabinet of Ministers No. 456Regulations Regarding the Register of Asylum Seekers of 12 July 2016)
  • Electoral Register (Electoral Register Law)
  • Archive of Electronic Documents (Regulation of the Cabinet of Ministers No. 528 of 09 August 2016 “Regulations on the Archive of Electronic Documents of the Office of Citizenship and Migration Affairs”)
  1. To review applications, complaints, requests, issue administrative acts, undertake actual actions and provide services, the Office shall process names, surnames, personal identity numbers, contact information, as well as personal data at the Office's disposal or obtained from other institutions or state information systems that is necessary for the performance of the respective task under the procedures specified in regulatory enactments.
  2. To conduct competitive recruitment process, evaluate a candidate's suitability for a position and establish employment or civil service relationships, the Office shall process the information provided in the application (name, surname, personal identification number, contact information, etc.), as well as personal data to evaluate the candidate's suitability for the specified position under the requirements of the Labour Law and the State Civil Service Law.
  3. To provide up-to-date information about the Office's services, ensure and improve the quality of the Office's information telephone service, as well as to review complaints about the institution's actions, the Office shall record telephone conversations on the information telephone 67209400 and process your voice and provided information (name, surname, description of the situation).
  4. To ensure your safety and that of the Office's personnel, protect property, as well as improve the quality of services provided by the Office in person, the Office shall conduct video surveillance in the customer service halls of the Office's territorial departments and process your visual image, appearance, behaviour, actions, voice (if video surveillance with voice recording function is available), location and time.
  5. The Office's website uses cookies (for more information - General Privacy Policy of the Unified Website Platform).
  6. The Office does not perform profiling of personal data.

Legal basis for personal data processing

The Office may process your data:

  1. to comply with a legal obligation applicable to the controller (Article 6(1)(c) of the GDPR);
  2. to perform a task carried out in the public interest or to exercise of official powers legally vested in the controller (Article 6(1)(e) of the GDPR);
  3. to comply with the legitimate interests of the Office or a third party (Article 6(1)(f) of the GDPR).

Retention of personal data

The Office stores your personal data as long as at least one of the following conditions exists:

  1. as long as the Office has an obligation specified in regulatory enactments to store the relevant personal data;
  2. as long as a legal obligation applicable to the Office is being fulfilled (for example, reviewing an application, issuing an administrative act, providing a reply, etc.);
  3. as long as the retention of personal data is necessary for the realisation of the legitimate interests of the Office, the data subject or a third party (for example, filing a claim in court, etc.).

Recipients of personal data

The Office transfers your personal data only to the recipients having the right to receive personal data in the cases specified in regulatory enactments:

  1. the Office employees processing personal data for the performance of their officialduties;
  2. the personal data processor (Information Centre of the Ministry of the Interior);
  3. state and municipal institutions, law enforcement authorities, security institutions, insolvency administrators, sworn notaries, bailiffs, and other third parties who require your personal data under the Office's control for the performance of functions and tasks specified in regulatory enactments;
  4. natural persons, based on a motivated written submission, in the manner and to the extent specified in regulatory enactments.

Transfer of personal data to third countries

The Office may transfer your personal data to third countries (outside the European Union or European Economic Area) or international organisations only in cases where there is a legal basis for such transfer and if it is stipulated by Latvian or international regulations or international agreements concluded between Latvia and the said third country or international organisation.

Personal data security

When processing your personal data, the Office employs various technical and organisational measures, including ensuring compliance with the requirements set out in the regulatory acts regarding information system security (the Law on State Information Systems and the regulations of the Cabinet of the Ministers issued on the basis thereof).

Your rights

You have the following rights regarding personal data protection:

  1. Right to access your data  when exercising your right to access data, you need to specify a particular time period and the data you wish to obtain. You have the right to request information from the Office about your data held by the Office, purposes of data processing, how the Office obtained it and to whom it was transferred, retention period, and to receive a copy of your data. The request can be fulfilled more quickly if the time period specified is as short as possible and the request for information about your data is formulated in as much detail as possible.
  2. Right to rectification of data  if you need to clarify or rectify your personal data held by the Office, you must clearly indicate which data needs to be rectified and provide updated information. If the data was not obtained from you, it is necessary to provide justification as to why the information being rectified is considered inaccurate, to facilitate a faster and more appropriate assessment of accuracy.
  3. Right to erasure of data  for the Office to erase your data, you must specify exactly which personal data needs to be erased and provide justification for this request.
  4. Right to restrict processing  if you are uncertain whether the Office is processing data appropriately, you may request restriction of the processing of the specific data. The request for restriction of data processing must indicate why, in your opinion, this processing needs to be restricted.
  5. Right to object to processing  in certain cases, you may have the right to object to processing due to your individual circumstances. In the request, it is important to indicate your individual circumstances due to which you object to the processing.

If you wish to submit a request regarding the processing of your personal data by the Office, please contact the Office by sending:

  1. a hand-signed application by post to the Office’s legal address: Čiekurkalna 1.līnija 1, Rīga, LV1026;
  2. an electronically signed (with a secure electronic signature) application to the email address pasts@pmlp.gov.lv;
  3. electronically, using the official electronic address.

Your request will be reviewed without undue delay, and a reply regarding the fulfilment or non-fulfilment of the request will be provided no later than one month from the date of receipt. In cases where the fulfilment of the request takes the Office longer, the Office has the right to extend its fulfilment for another two months, and you will be informed thereof within one month.

The Office informs that some of your rights may be restricted if the Office has an obligation to process and store personal data to fulfil its legal obligations, and the Office also has the right not to fulfil your request:

  1. if it is not formulated comprehensibly;
  2. if the Office is unable to identify you;
  3. if the Office has already provided an answer to such a request;
  4. if the volume of the requested information is disproportionate;
  5. if your request is unfounded (not applicable to the Office, no explanations have been provided as to why the request should be fulfilled);
  6. if regulatory acts stipulate that the Office is not authorised to provide you with such information.

If you believe that the Office has processed your data inappropriately, you have the right to submit a complaint to the data protection supervisory authority regarding the data processing carried out by the Office:

Data State Inspectorate,
Elijas iela 17, Riga, LV-1050
pasts@dvi.gov.lv
https://www.dvi.gov.lv/lv
67223131

 

Basic information about SIS

  • The Schengen Information System (SIS) is the most widely used and largest information sharing system in the field of security and border management in Europe. As there are no internal borders between Schengen countries in Europe, SIS substitutes border control and is the most successful cooperation tool for border, immigration, police, customs and judicial authorities in the EU and Schengen associated countries. Competent national authorities (including the State Border Guard) can enter and view alerts on people and objects in a single shared database.
  • The country that enters an alert and related data in SIS is the "data owner". This means that only this country is permitted and able to update and delete the alert.
  • The second generation of SIS (SIS II) with additional functions such as the ability to add fingerprints and photographs to alerts was introduced in 2013. Since March 2023 DNA profiles of persons declared missing or DNA of their parents, grandparents or siblings have been stored in SIS to confirm identity.
  • The system administrator functions regarding the Latvian national part of SIS (NSIS) are performed by the Information Centre of the Ministry of the Interior. It ensures the technical operation of NSIS and monitors compliance with the technical requirements set out in the regulatory acts governing the operation of SIS.

SIS legal framework

  • Regulation (EU) 2018/1860 on the use of the Schengen Information System for the return of third-country nationals illegally staying in the Member States;
  • Regulation (EU) 2018/1861 on the establishment, operation and use of the Schengen Information System (SIS) in the field of border checks;
  • Regulation (EU) 2018/1862 on the establishment, operation and use of the Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters.

In the Republic of Latvia, the procedure for maintaining and using SIS is determined by:

  • Law on the Operation of the Schengen Information System (adopted 14.06.2007)
  • Procedures for the Entering, Correction and Deletion of Alerts in the Schengen Information System, as well as Ensuring Accessibility of Supplementary Information between the SIRENE Bureau of Latvia and Procedures for the Exchange of Supplementary Information of Institutions and Authorities (Cabinet Regulation No. 639 of 18.09.2007);
  • Procedures for the Request and Issue of Information Regarding a Data Subject that is Kept in the Schengen Information System and the SIRENE Information System (Cabinet Regulation No. 622 of 11.09.2007).

SIS operational objectives and purposes of personal data processing

  • to ensure the security of the Schengen area without carrying out checks within internal borders;
  • to strengthen public order within the territories of the Schengen area states;
  • to help combat terrorism, cross-border crime and illegal migration;
  • to serve as a cooperation instrument for border, immigration, police, customs and judicial authorities in the EU and Schengen associated countries;
  • to search for criminals, missing persons, third-country nationals who are denied residence in Schengen area countries, persons whose actual place of residence needs to be ascertained for judicial purposes, persons and objects that are of operational interest, as well as to identify offenders by fingerprints and palm prints;
  • to prevent the abduction or disappearance of persons, including children, and to protect vulnerable persons (adults or children) from being unlawfully taken abroad.

Data subjects

(persons on whom alerts are entered in SIS)

  • third-country nationals who are subject to return decisions;
  • third-country nationals who are not entitled to enter into or stay in the Schengen area;
  • persons wanted for arrest;
  • missing persons;
  • vulnerable persons whose travel must be prevented;
  • children at risk of being abducted by their own parents, relatives or guardians;
  • persons sought to assist with judicial proceedings (for example, witnesses in criminal proceedings);
  • persons and objects being the subject to discreet, inquiry or specific checks:
  • unknown wanted persons (fingerprints and palm prints found at the scenes of terrorist acts or other serious crimes);

Data categories

  • identification data of the wanted person (at least name and surname; year of birth);
  • photographs of the wanted person*;
  • fingerprints and/or palm prints of the wanted person*;
  • information about objects associated with the wanted person, for example, about the vehicle used by the wanted person;
  • description or copy of the wanted person's identification document;
  • dactyloscopic data (fingerprints and/or palm prints*) found at crime scenes;
  • DNA profile of the wanted person or their family members* (only in cases of missing persons who need protection);
  • European Arrest Warrant (EAW) (if the person is wanted for arrest);
  • data on persons who have been victims of identity misuse.

Other data entered in SIS alerts:

  • reference to the decision that forms the basis for the alert;
  • action to be taken.

*Biometric data are used to facilitate identification and avoid misidentification.

Access to SIS data

Access to the information included in the SIS according to their competence specified in the laws and regulations governing the operation of the SIS is available to the authorities specified in Article 14 of the Schengen Information System Operation Law, including the State Border Guard.

SIS data retention period

Data included in SIS may be stored in the system only for as long as necessary to achieve the purpose of the specific alert. As soon as this is achieved, the data are immediately deleted.

More details about SIS data retention can be found here:

https://home-affairs.ec.europa.eu/policies/schengen-borders-and-visa/schengen-information-system/questions-and-answers_lv

Data subject rights with regard to SIS:

  • the right to access personal data retained in SIS;
  • the right to rectify inaccurate personal data or delete unlawfully stored personal data;
  • the right to bring an action before courts or competent authorities to rectify or delete personal data or to receive compensation for any losses incurred as a result of violations of data protection legislation.

How to exercise your rights?

The data subject can exercise the right of access and receive information about further actions related to the rights to rectification and deletion of data by submitting a written application (signed by hand or with a secure electronic signature) to the State Police (SIRENE Latvian National Unit[1], Rīgā, Čiekurkalna 1.līnijā 1, korpuss 4, telephone 67219053, e-mail: ssp@vp.gov.lv), or at the police unit of applicant's place of residence, or at diplomatic or consular representations of the Republic of Latvia.

Contact information for diplomatic or consular representations of the Republic of Latvia is available here: https://www.mfa.gov.lv/lv

The written request must include:

  • information about the applicant: name(s), surname, date of birth, personal identity number (if any), place of birth, nationality, type of identification document (if any), number, name of issuing authority, date of issue and expiry date;
  • the scope of information requested (information about the data subject, information about recipients of the data subject's personal data);
  • the method of receiving information (by personally visiting a State Police institution or representation, or by sending information to the specified address);

When submitting a request in person, the data subject must confirm one's identity by presenting one's identification document. If the request is submitted by an authorised person, they must present a notarially certified authorisation confirming the right to receive information about the data subject, or a document confirming the rights of parents, adopters, guardians or trustees.

Obtaining information is free of charge. A response is provided within 1 month.

Individuals may submit their requests in Latvian and English. Request templates are available on the official website of the State Police: https://www.vp.gov.lv/lv/sengenas-informacijas-sistema

If the State Police SIRENE Bureau of Latvia refuses to provide information, rectify or delete data in their response, the data subject has the right to submit a complaint to the national supervisory authority of the Member State. Applications to the Data State Inspectorate may be submitted in Latvian and English.

Contact information: Data State Inspectorate

dvi.gov.lv

E-mail pasts@dvi.gov.lv

Address: Elijas iela 17, RīgaLatvia, LV-1050

Additional information, as well as application and complaint templates (in Latvian and English) are available on Data State Inspectorate's official website: https://www.dvi.gov.lv/lv/sengenas-informacijas-sistema

[1] SIRENE Bureau of Latvia:

  • ensures the exchange of information between law enforcement authorities of Member States regarding persons or objects for which an alert has been entered in the Schengen Information System;
  • ensures the issuance of wanted notices for criminals in international search systems;
  • ensures the quality and legal validity of alerts to be entered in SIS – compliance with the requirements of the Schengen acquis;
  • coordinates search measures in Latvia for criminals wanted by foreign law enforcement authorities and for missing persons.
  • is the only institution in the country authorised to examine applications from natural persons and provide responses regarding the maintenance of the applicant's data in the SIS and SIRENE information system (a data processing system for processing additional information and alert messages).

 

Basic information about VIS

  • The Visa Information System (VIS) is designed for data exchange between Schengen Member States regarding short-term visa applications and related decisions. VIS records information, including biometric data, about third-country nationals who submit applications for Schengen visas;
  • Visa applications and visas issued, refused, extended, annulled and cancelled by the competent Latvian authorities are registered in the national visa information system (NVIS);
  • Personal data with biometric data submitted with a visa application are processed and stored in the central VIS system.

VIS legal framework

In the Republic of Latvia, the procedures for using VIS and NVIS are determined by Cabinet Regulation No. 676 "Visa Regulations" of 30 August 2011  (Visa Regulations), which have been issued in accordance with Section 3, Paragraph three, Section 12, Paragraph one, Clause 3, Section 13, Paragraphs three and four of the Immigration Law.

VIS operational objectives and purposes of personal data processing

  • to examine visa applications and related decisions;
  • to verify the identity of the visa holder and/or the validity of the visa when carrying out checks at external borders and within Member States;
  • to verify whether the conditions for lawful entry into and stay in the territory of the Member States are fulfilled and to identify persons who do not or no longer fulfil these conditions, including identifying persons who have no documents or have fraudulently obtained documents (combating illegal immigration);
  • to prevent "visa shopping";
  • to prevent the use of counterfeit documents and attempts to provide false information;
  • to protect travellers from identity theft;
  • to determine the Member State responsible for examining an asylum application;
  • to facilitate data exchange between Schengen countries on visa applications;
  • to help prevent, detect and investigate terrorist threats and other serious criminal offences.

Personal data stored in VIS may be transmitted to a third country or international organisation in accordance with Article 31 of the VIS Regulation and to the Schengen Agreement Member States in accordance with Council Decision (EU) 2017/1908.

Data subjects

Persons whose data are processed in the VIS system.

Data categories

  • alphanumeric data on the applicant, visas requested, visas issued, visas refused;
  • annulled, revoked or extended visas;
  • photograph *;
  • fingerprints data*;
  • links to previous visa applications and the application files of persons travelling together;
  • information about the inviter.

The scope of information to be included in the NVIS is determined by Article 53 of the Visa Regulations.

*The use of biometric data to verify the identity of the visa holder allows for faster, more accurate and more secure checks.

Authorities responsible for data processing

  1. Office of Citizenship and Migration Affairs (controller of the National Visa Information System (NVIS)):

contact information: pmlp.gov.lv, e-mail: pasts@pmlp.gov.lv

more information: https://www.pmlp.gov.lv/lv/vizas-ielugumi-un-uzaicinajumi

  1. State Border Guard

Officials of the State Border Guard issue single-entry uniform visas and visas with limited territorial validity at the border crossing points specified in Annex 1 of Cabinet Regulation No. 676 "Visa Regulations" of 30 August 2011. Officials of the State Border Guard issue visas marked "Diplomatic Visa" or "Service Visa" only upon request from the Consular Department.

contact information: rs.gov.lv, e-mail: pasts@rs.gov.lv

Access to VIS data

  • State Border Guard officials have the right to access information when it is necessary to verify a person's identity, to check authenticity of a visa, or to verify whether a person meets the requirements for entry and/or stay in any of the Schengen countries.
  • Asylum authorities have access to information if they need to determine which EU/EEA country is responsible for examining an asylum application.
  • Other national authorities and Europol may request access to information in special circumstances to prevent, detect and investigate terrorist offences and serious criminal offences.

VIS data retention period

Data in the VIS is stored for no longer than five years.

This period begins:

a) on the expiry date of the visa, if a visa has been issued;

b) on the day when the visa's new validity period ends, if the visa has been extended;

c) on the day when the application file was created in the VIS, if the application has been withdrawn, closed or discontinued;

d) on the day when the visa authority has taken a decision, if the visa has been refused, annulled or revoked.

Data subject rights regarding the VIS:

  • the right to receive information about oneself and about the Member State that has transmitted this data to the VIS;
  • the right to receive information about the recipients of personal data, unless the disclosure of this information is prohibited by law in the fields of national security, defence and criminal law;
  • the right to request that their personal data be supplemented or corrected, as well as to suspend their processing or have them destroyed if the personal data are incomplete, outdated, false, illegally obtained or no longer necessary for the purpose of collection;
  • the right to lodge a complaint with the national supervisory authority or to bring an action in court.

How to exercise your rights?

The data subject has the right to exercise their data subject rights in accordance with the General Data Protection Regulation: the right to access their personal data, request rectification of personal data, object to processing, the right to restrict the processing of personal data and, in certain cases, request the erasure of personal data. When the data subject contacts the NVIS controller with an application (in Latvian or English):

The data subject may contact the Office of Citizenship and Migration Affairs regarding matters concerning data rectification, as well as complaints about personal data processing. The Office of Citizenship and Migration Affairs' contact information is available on the website www.pmlp.gov.lv, as well as via e-mail: pasts@pmlp.gov.lv or in person:  Čiekurkalna 1. līnija 1, k-3, LV-1026, Rīga.

Office of Citizenship and Migration Affairs communicates with the data subject using the contact information provided by the data subject (telephone number, email address, e-address).

If the data controller has not provided a satisfactory response, the data subject has the option to submit a complaint to the Member State's national supervisory authority. Complaint templates (in Latvian and English) are available on the official website of the Data State Inspectorate.

Contact information: Data State Inspectorate, on the website www.dvi.gov.lv, pasts@dvi.gov.lvAddress: Elijas iela 17, RīgaLatvia, LV-1050

In accordance with Article 40(1) and (2) of the VIS Regulation, each data subject has the right to lodge a claim with the competent authorities or courts of the respective Member State if the data subject believes that the Member State has refused to implement their rights.