The provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) apply only to the processing of personal data.


Limited Liability Company “CSC TELECOM”, unified registration No 40003611196, legal address: Cēsu iela 31 K-3, Riga, LV-1012, tel. 67780000, e-mail address:

Purpose of Data Processing:

To provide to the Data Subject – a natural person – electronic communications services and to perform activities related to the provision of the service. 

Scope of Application of Data Processing:

The Controller processes personal data, including the data on the website managed by the Controller, for the provision of electronic communications services.

The Controller ensures that the Data Subject's personal data are protected in compliance with the GDPR requirements.

The Controller collects, processes and uses the Data Subject's data only to the extent necessary for the provision of the specific electronic communications service and for the conclusion of the Agreement.

The Controller guarantees and undertakes to take all necessary measures to ensure that the Data Subject's data are kept confidential and secure. 

The Purposes of and Legal Grounds for Data Processing:

The Controller may use the personal data submitted by the Data Subject (on the basis of the Agreement, a law, legitimate interests or consent of the Data Subject) for the following purposes:

Categories of Recipients of Personal Data

Personal data of the Data Subject may be transferred to third parties only to the extent and in the manner specified in the Agreement on the Provision of Electronic Communications Service or in the Terms of Use of the service.

The Controller undertakes to comply with the GDPR and other laws and regulations, as well as the provisions of the concluded Agreement when transferring the personal data of the Data Subject.

Personal data of the Data Subject may be transferred to:

Period of Storage of Personal Data

Personal data of the Data Subject are being processed only for the above purposes, and for as long as it is necessary to achieve the purposes, for protection of the interests of the Controller and Data Subject, or for complying with the time limits laid down in laws and normative acts.

The Controller destroys the personal data of the Data Subject as soon as the need to process them ceases.

Personal data is a restricted access information available only to employees who need access to this data to perform work tasks.

All employees of the Controller are trained to protect the rights of the Data Subject. 

Rights of the Data Subject

The Data Subject shall be entitled to a confirmation from the Controller whether or not personal data are being processed in respect of the Data Subject.

The Data Subject is entitled to:

Security of Personal Data

The Controller ensures and takes appropriate physical, technical and organisational measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction, or damage to personal data, including appropriate coding of personal data.

The Controller tests its security measures in place to ensure the processing of personal data.

The Controller ensures that persons authorised to process personal data have undertaken confidentiality obligations.