ENG

 Riigikohus on Eesti Vabariigi kõrgeim kohus.
Põhiseaduse kohaselt on Riigikohus kassatsioonikohus ja
põhiseaduslikkuse järelevalve kohus. Riigikohtu pädevus
on sätestatud kohtute seaduses. 

- Eesti vabariigi põhiseadus -

Personal data processing

PrintPDF

This information on personal data processing has been prepared on the basis of article 12 “Transparent information, communication and modalities for the exercise of the rights of the data subject” of General Data Protection Regulation (EU) 2016/679 to notify natural persons of the principles of personal data processing and securing the rights of natural persons.

 

The information has been divided into two parts. The first part concerns activities performed, communications exchanged, and applications lodged outside court proceedings. The second part concerns activities performed, communications exchanged, and applications made within court proceedings.

 

Part I Activities performed, communications exchanged, and applications lodged outside court proceedings

 

1. What is personal data and when do we process it

 

1.1. Personal data means any information relating to an identified or identifiable natural person (data subject). A natural person is identifiable in particular by reference to an identifier (such as a name, personal identification code, location data, e-mail address, telephone number, an online identifier) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

1.2. Personal data of special categories includes personal data on the person’s racial or ethnic origins, political views, religious or philosophical convictions or trade union membership, genetic data, biometric data used for the unique identification of a natural person, health information or data on a natural person’s sexual behaviour or sexual orientation.

 

1.3. We process your personal data when you:

1.3.1.   visit our web page

1.3.2.   participate in our surveys and research

1.3.3.   participate in training courses we organise

1.3.4.   contact our customer support

1.3.5.   apply for a job at our organisation or participate in a judge’s competition or examination

1.3.6.   send us a letter that contains personal data and it is registered in our document management system.

 

2. Principles of personal data processing
 

2.1. The processing of personal data is legal, fair and transparent. Personal data is collected and processed for a specific purpose and following the principle of data minimisation. The personal data collected is correct and can be rectified, if need be.

 

2.2. Personal data is stored only for a specified period, after which it is deleted.

 

2.3. Security measures that protect data from unauthorised access, accidental loss and destruction are used in processing personal data.

 

3. Rights of a natural person

 

You have the following rights with regard to all the personal data we collect from you.

 

3.1. Right to gain access to your data

Natural persons have the right to learn whether his/her personal data is being processed, and if it is, s/he may request the data. Please submit a request to view your personal data. We must identify you before issuing personal data to you. This is why you must sign the request by hand or with a digital signature. We will issue the data to you in the format you require as soon as possible but no later than in 1 month since the time we received your request. If it is not possible to issue the data within 1 month, we will notify you of this and extend the reply deadline by up to 2 months. If you require the data on paper, we may request a fee of 0.19 euros per page starting from the 21st page (unless a state fee has been prescribed by law for issuing data).

 

3.2. The right to be informed about personal data processing

If we have collected your data, you have the right to know the purpose of the data collection, the persons to whom your personal data is or was forwarded, the length of the period when your data is stored and, in case the data was not collected from you, the source of your data. The right to access your data and get information about the persons to whom we have forwarded it may be restricted if providing data or information to you may:

3.2.1.   breach another person’s rights and freedoms

3.2.2.   hinder crime prevention or capturing a criminal

3.2.3.   hinder ascertaining the truth in criminal proceedings

3.2.4.   endanger protecting the secrecy of a child’s filiation.

 

3.3. The right to request the rectification of incorrect data

If you discover that data processed about you is incorrect or doesn’t reflect reality, you have the right to request that your incorrect personal data be rectified, or incomplete data be completed. For this, please submit a signed or digitally signed request as well as evidence to support your request and a description of the relevant circumstances. We will submit the information on rectifying, erasing or restricting the processing of your personal data to all parties who have received the data, except if it turns out to be impossible or demands a disproportionally great effort.

 

3.4. The right to demand the restriction and cease of data processing

If there is no (longer a) legal basis for processing, publishing, allowing access to your personal data or using it for a specific purpose, you may request that your personal data processing be restricted or ceased or that your data be erased, the publishing of your data be ceased or access to your data be restricted or prohibited. For this, please submit a substantiated signed or digitally signed request.

 

3.5. The right to object

You have the right to object to your personal data being processed. For this, please submit a substantiated signed or digitally signed request.

 

3.6. The right to turn to a data protection authority and/or administrative court

If you find that your rights and freedoms are being breached upon personal data processing, you have the right to have recourse to the Data Protection Inspectorate or an administrative court.

 

4. Website, correspondence and job applications

 

4.1. Website of the Supreme Court

The following information is collected and stored about persons who visit our website:

4.1.1.   computer’s or computer network’s internet address (IP address)

4.1.2.   time of visit (time, date, year)

4.1.3.   the section of the website you visited

4.1.4. The data is used for web traffic statistics to develop the website and make it more visitor friendly.

 

4.2. Correspondence

4.2.1. Letters, requests for information, inquiries and requests for explanation sent to the Supreme Court as well as their replies may contain personal data.

4.2.2. Any letter sent to the Supreme Court is registered in the document register.

4.2.3. Any inquiry that does not concern civil, administrative and criminal matters in proceedings at the court, but which includes proposals on organising the work of courts or state institutions is considered public. If an inquiry contains the personal data of a natural person, the court will not allow public access to it via the document register.

4.2.4. Only the inquiry’s registered details, including the sender’s initials, will be displayed in the document register. The inquiry will be released if a respective request for explanation is submitted to the court, but the natural person’s contact details will not be published.

4.2.5. If it has been mentioned in the inquiry that it is a public letter, it will be published in the document register together with the sender’s name and contact details, if these are included in the letter.

4.2.6. If the letter contains data that may breach the privacy of the person or other data, free access to which is prohibited by law, an access restriction will be imposed on it. If necessary, an access restriction is imposed on a letter received from any other institution by its sender.

 

4.3. Job applications

4.3.1. The Supreme Court stores documents related to applying for a job at the Supreme Court according to the deadlines specified in the document categorisation plan.

4.3.2. The Supreme Court does not store documents related to applying for the position of a judge for more than 5 years, i.e., the term of validity of judge’s examination results.

4.3.3. Candidates’ applications are entered into the document register.

4.3.4. Information of applying for and appointment to a judge’s position is public.

 

5. Open data

 

We do not publish document management system data and other information containing personal data as open data.

 

6. Personal data breach

 

We document all personal data breaches, including their circumstances, impact and the measures taken to alleviate them. We notify the supervisory authority (Data Protection Inspectorate) of all breaches without undue delay and within 72 hours of learning about the incident, if possible, except if the breach poses no likely threat to the rights and freedoms of natural persons. In the case of a substantial threat to the rights and freedoms of data subjects, they will be notified. The supervisory authority (Data Protection Inspectorate) may determine that it is not necessary to notify the data subjects.

 

7. Contact details

 

Additional information about personal data processing is provided by our data protection specialist.

E-mail: Toomas [dot] Anepaioatriigikohus [dot] ee.

 

8. Publication, supplementation and amendment

Information on personal data processing is published on the website of the Supreme Court, where we will also notify the public about any and all supplements and amendments.

 

9. Lodging complaints

 

If you are not satisfied with the information or solutions offered by our data protection specialist, please turn to:

Riigikohus Lossi 17 50093 TARTU

infoatriigikohus [dot] ee

General phone: +372 730 9002

 

Part II Activities performed, communications exchanged and applications lodged within court proceedings

 

1. Principles of personal data processing within court proceedings

1.1. If a person turns to the Supreme Court with a procedural complaint, the court processes their personal data for the arrangement of judicial proceedings and in conformity with the Personal Data Protection Act and procedure law. In general, the data of persons connected to court proceedings is public. Data is not published in the case of in camera proceedings.

 

1.2. In general, the Supreme Court does not issue personal data connected to proceedings to persons who are not participants to it. Data is forwarded only if there is a legal basis for it.

 

2. Publishing data connected to court proceedings

 

2.1. Personal data is published on the website of the Supreme Court in the section that includes procedural requests, matters in proceedings, the time of publishing judgements, requests submitted, and judgements made in constitutional review matters. This data is also available in Riigi Teataja.

The following data is published on the Supreme Court’s website in the aforementioned sections:

2.1.1. No. of civil matter, names of parties to the proceedings and general description of civil matter

2.1.2. No. of administrative matter, names of parties to the proceedings and general description of administrative matter

2.1.3. No. of constitutional review matter, names of parties to the proceedings and general description of constitutional review matter

2.1.4. No. of criminal matter, name of the suspect accused if they are of age and their initials if they are a minor, legal assessment of the criminal offence in which the person is accused pursuant to the respective section, subsection and clause of the Penal Code

2.1.5. No. of misdemeanour matter, name of person subject to proceedings if they are of age and their initials if they are a minor, legal assessment of the misdemeanour.

 

3. Publication of personal data in court decisions that have entered into force

 

3.1. In decisions made in administrative, civil and constitutional review matters, the names of the participants in the proceedings are generally published.

3.1.1. Upon a person’s request or at the initiative of the court, a person’s name is substituted with their initials or character, and their personal identification code, date of birth, registry code or address is not published.

3.1.2. The court may choose to publish only the conclusion of the judgement or refrain from publishing the judgement if it contains special categories of personal data and if publishing the personal data within the judgement may substantially breach the privacy of a person.

 

3.2. In decisions made in criminal and misdemeanour matters, the name and personal identification code or date of birth (if a person doesn’t have a personal identification code) of the accused or person subject to proceedings are published.

3.2.1. A minor accused person’s name and personal identification code is substituted with initials or characters, except if the decision to enter into force and pending publication is at least the third in which the minor has been found guilty of a criminal offence.

3.2.2. The names and other personal data of other persons are substituted with initials or characters by the court.

3.2.3. In some cases, the court may decide to publish only the introductory part and conclusion or final part of a decision to guarantee additional protection to personal data.

 

3.3. A person has the right to request that the publication of their personal data be ceased with regard to an already published decision pursuant to procedure specified in law.