Fiziskas personas datu aizsardzība GDPR

We draw your attention to the fact that the State Data Inspectorate is already actively conducting inspections of companies with regard to the processing of personal data and everything indicates that the reprimand period will have ended. An important signal in this area is the severe penalties for data protection supervisors in other EU Member States in 2020.

The guidelines of the Data State Inspectorate on the principles of application of administrative penalty sanctions already provide for severe penalties. Up to EUR 14000 for legal persons and up to EUR 700 for officials. The maximum theoretically possible penalty under the Regulation can be up to EUR 20 million.

The Regulation stipulates that any information relating to an identified or identifiable natural person (data subject) is personal data. Any information by which a person can be identified is considered personal data.

Our data protection specialist will perform an audit of personal data processing, develop a data processing register, provide consultations on data processing, etc.

Frequently asked questions and answers related to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

The data processing agreement is concluded between the Manager and the Processor. The data processing agreement stipulates the obligations of the parties, the obligation to report the breach, deadlines, etc.


1. What does GDPR mean?

General data protection regulation. It regulates the processing of personal data.

2. What is covered by the General Data Protection Regulation (GDPR)??

The GDPR Regulation applies to personal data. For the purposes of the Regulation, personal data means any information relating to a data subject (natural person) which may enable that person to be identified.

3. Why EU Regulation in Latvia?

The regulation entered into force in Latvia in 2018, replacing the local law. In essence, this Regulation provides that personal data may be requested and collected only if they have a specific demonstrable purpose. Also, if personal data is requested, it is subject to special protection requirements.

4. What does DSSLegal offer in relation to the General Data Protection Regulation?

DSSLegal offers the services of a data protection specialist. The Data Protection specialist will carry out an audit to identify existing personal data processing practices, establish a register of personal data processing, provide advice on data processing and take other actions related to compliance with the requirements of the Regulation.

5. Does data protection also apply to legal persons?

No, the regulation only sets requirements for the processing of personal data.

6. Is the data protection specialist responsible for data processing??

No, the data protection specialist advises and audits the processes of storing and deleting personal data, but the head of the company is responsible.