PERSONAL DATA PROTECTION
- The Parties may perform personal data processing within the
framework of this Agreement in accordance with Regulation of
the European Parliament and of the Council (EU) 2016/679 of
27 April 2016 on the protection of natural persons with regard to
the processing of personal data and on the free movement of
The Parties confirm and shall undertake to ensure that the
information (data) they acquire from the other party (including -
information, data from this webpage, B2B system) shall not be
delivered to third persons without the consent of the other party.
The Parties shall implement appropriate technical and
organisational measures in order to ensure that by default only
such personal data, which are required for activities of the
parties within the framework of this Agreement, are processed,
and for each particular purpose of processing. The above
mentioned obligation shall refer to the scope of collected and
transferred personal data, degree of processing, period of
storage and availability thereof.
The Parties shall ensure, review on a regular basis and improve
protection measures in order to protect personal data from
unauthorised access, accidental loss, disclosure or destruction.
One Party shall not be held liable for any unauthorised access to
personal data and/or personal data loss if it is not dependent on
the Party, for example due to the fault and/or negligence of the
other Party or third person.
In the case of a personal data protection breach the Party shall
immediately notify the other Party of such, but shall not notify
the competent supervisory authority (State Data Inspectorate -
www.dvi.gov.lv), of the personal data protection breach
without unjustified delay, not later than within 72 hours from
the moment when the Party has become aware of the breach,
except for in cases when it is unlikely that the personal data
protection breach could cause a risk to the rights and freedoms
of natural persons.