BALTIC COUNCIL FOR INTERNATIONAL EDUCATION GENERAL PRINCIPLES TERMS AND DEFINITIONS FOR PROCESSING PERSONAL DATA.
1. Personal data provider means any person who processes personal data and / or any person on whose behalf personal data is processed.
1.1. The main operator is the company BALTIC COUNCIL FOR INTERNATIONAL EDUCATION, registration number: 40008085919, address: 33/35 Gertrudes str, Riga, LV 1011, Latvia.
1.2. The authorized operator is the person authorized by the main operator to process personal data. The authorized operator is an internal employee of BALTIC COUNCIL FOR INTERNATIONAL EDUCATION.
2. "Data subject" means any natural or legal person who has shared its personal data to the Principal Operator and whose data is processed by the Principal Data Operator in accordance with the general principles of personal data processing.
3. Personal data - data about the data subject that the data subject sent / informed the operator of personal data via a website, e-mail or telephone. These data include the name, surname, phone number, e-mail address, address, passport number, date of birth, gender and other data that allow you to identify a person.
4. Personal data processing - any activity carried out with personal data, including collecting, recording, organizing, storing, changing, disclosing, accessing, viewing, extracting, using, transferring, sharing, merging, terminating, deleting or destroying personal data or some of the above actions, regardless of how the activities are carried out or what means are used.
5. "Third party" means any natural or legal person, with the exception of the data subject, the main operator, the authorized operator or the person processing personal data on behalf of the principal or authorized operator.
OBJECTIVES AND PRINCIPLES OF PERSONAL DATA PROCESSING
6. The personal data operator processes personal data for the general management of relations with customers and for the provision, sale, promotion and administration of products and services.
7. The personal data operator can not transfer, lease or transfer personal data or transmit them in any other way to third parties and for use by third parties (except in cases and where provided for in these General Principles of Personal Data Processing ).
8. When processing personal data, the personal data operator must comply with the principles stipulated in the Personal Data Protection Act and the General Regulation on Data Protection of the EU.
CONSENT OF THE DATA SUBJECT
9. Personal data is processed on the basis of the consent of the data subject indicated in accordance with Section 7 (1) of the Personal Data Protection Act and Article 6 (1) of the EU General Data Protection Regulations.
10. The data subject must consent to the operator of personal data to process his personal data in accordance with these principles and the purpose of processing personal data. To give their consent, the data subject must fill in the appropriate printed questionnaires or online forms on the website of the personal data operator www.balticcouncil.org or provide their data by e-mail or telephone.
11. Granting consent is a prerequisite for cooperation with the data subject, and uncoordinated consent means that the primary operator can not perform the requested service of the data subject.
12. The data subject may withdraw his consent at any time by notifying the operator of his personal data to the e-mail address firstname.lastname@example.org or unsubscribe from the electronic mailings sent by the Personal Data Operator. The withdrawal of consent does not affect the legality of the processing of personal data that occurred prior to the withdrawal of consent.
PROTECTION OF PERSONAL DATA AND RESPONSIBILITY
13. The personal data operator ensures the protection of personal data by all types of organizational, physical and IT security measures. The personal data operator confirms that all measures necessary to protect personal data have been implemented, the processing of personal data is limited to the extent necessary to achieve the purpose of processing personal data.
14. If the data subject has agreed to the processing of personal data in connection with the requested service, the personal data must be stored to refuse the consent of the data subject.
15. The personal data operator permits access to personal data only to those employees of the personal data operator who have the right to process personal data, and only to the extent necessary to achieve the purposes for which the processing of personal data is carried out.
16. The operator of personal data is responsible for compliance with the requirements set forth in the Personal Data Protection Act and the General Provision on Data Protection of the EU after its entry into force.
PROTECTION OF THE RIGHTS OF THE DATA SUBJECT
17. The data subject has the right to access his personal data stored by the Personal Data Operator and to obtain additional information on the processing of his personal data.
18. The data subject has the right at any time to apply for processing of his personal data, including requesting the termination of processing or disclosure of his personal data or the termination of access to personal data and / or the removal, correction or blocking of collected data, if this right is in compliance with the standards The law on the protection of data of individuals or any other law.
19. If the data subject discovers that the Personal Data Operator has violated his / her rights in the processing of personal data or if the data subject is requesting the deletion of his data, the data subject has the right to file a request to terminate or eliminate the operator's personal data violation via e-mail email@example.com . The data subject has the right to apply to the State Data Inspectorate or the court at any time to protect his rights.