Personal Data Protection

As of May 25, the European Union General Data Protection Regulation will take force in Latvia. The new regulation replaces the Personal Data Protection Law, formerly in force in Latvia.

Key aspects of the new regulation:

  • The purpose of Regulation is to protect the confidentiality of individuals throughout the European Union. Many provisions stipulated by the Regulation are already in force in Latvia, and are fulfilled by Rigensis Bank AS. The Regulation specifies the ability of individuals to control the use of their personal data and determine the principles for their processing, storage and erasure.
  • Personal data include any (written, audio, video, electronic, biometric) information relating to an individual, such as date of birth, telephone number, postal address and e-mail address, photographic image, and other information that allows to identify a person.
  • Uniform regulation means that the requirements of the GDPR apply to all enterprises, institutions and organizations processing personal data of individuals. Requirements apply not only to banks, but also to insurance companies, medical institutions, retailers and other organizations.

Will the GDPR bring any changes to the relationships between Rigensis Bank AS and its customers?

  • The GDPR will not affect our relationships with customers. For the benefit of its customers, Rigensis Bank AS is currently reviewing its application forms for services and contracts to ensure that there is an appropriate basis for the collection and processing of personal data and that the customer’s consent is obtained.

Rigensis Bank AS processes customer data in one or more of the following cases:

  • processing is necessary to fulfill or to conclude a contract
  • the requirement for processing is set forth by law
  • processing is carried out for a legitimate interest
  • customer’s consent has been obtained

To whom may Rigensis Bank AS transmit personal data of customers?

Rigensis Bank AS may transfer personal data to third parties:

  • in cases established by laws and regulations, if the data are requested by any of the state institutions (in cases specified in Article 63 of the Law on Credit Institutions)
  • transfer is necessary in order to provide a service (fulfil a contract), namely:
    • servicing customers and provision of banking products
    • manufacturing and maintenance of payment cards
    • preparation of proposals on insurance
  • to other independent companies providing services to a customer of Rigensis Bank AS (for example, financial, investment companies or other credit institutions to whom the data is transferred in order to carry out a payment or another transaction of the customer)

Documents governing processing of personal data by Rigensis Bank AS: Privacy Policy and General Business Conditions.