Privacy policy

Here you will find an overview of the cases in which we or third parties may come into contact with your personal data, as well as information about the purposes for which we use and store the collected data, and which rights you have at processing the data.

The activities of the Competition Authority are public. Public information generated in the course of the activities of the Autority can be accessed on the website of the Authority. Public documents can be accessed on the website in the document register. Documents that may contain information with a restriction of access shall be issued when a request is filed.

During our work, we also acquire personal data, including sensitive and private information. Your private information may also be exposed to us – for example, if you write to us, apply for a job or are a party to a procedure. We care about your privacy, consider the confidentiality and security of your personal data important, use the personal information disclosed to us carefully and purposefully.

Access to personal data has been restricted by both the Public Information Act and the Personal Data Protection Act. We do everything we can to ensure with our internal work arrangements that your private life is interfered as little as possible, to protect your personal data and to comply with data protection and privacy laws.

If you find that the processing of your data infringes your rights, you have the right to contact the Data Protection Inspectorate or the court. Contact details of the Data Protection Inspectorate: phone +372 627 4135; e-mail [email protected].

In all matters relating to the processing of your personal data by the Competition Authority, you will receive a response from our data protection officer. Please write to [email protected] If you are interested if and how we use/protect your personal data, please read the following explanations. The principles described below do not apply to the processing of data of legal persons and other authorities and do not cover the processing of personal data on the websites referred to on our website (foreign links).

The two types of personal data are personal data and special types of personal data. Personal data is data directly or indirectly identifying a natural person. Direct identification is made possible, for example, by the person's name, date of birth, personal identification code, e-mail address, residential address, usernames, phone number, photo of the person. Indirectly, a person can be identified, for example, on the basis of health status, IP address, cookies, nickname, purchasing power, economic status or car data.

Special types of personal data (delicate personal data) are data which reveal racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic data, biometric data used to uniquely identify a natural person, health data or data on the sexual life and sexual orientation of a natural person.

Also deemed to be sensitive is information collected in criminal proceedings or other proceedings for ascertaining an offence before a public court session or making a decision in an offence matter or if it is necessary for the protection of morality or the family and private life of persons or if the interests of a minor, victim, witness or justice so require. Statistical data is not considered personal data if there is no possibility of unambiguously identifying the person concerned.

A person or agency engaged in the processing of data is considered the processor of personal data. Processing means any operation carried out with data, which may include reading, collecting, saving, arranging, storing, modifying, granting access to, querying, extracting, using, transmitting, cross-using, merging, transferring, closing, erasing or destroying, regardless of the manner in which the operations are carried out or the means used.

At the legislative level, the Competition Authority is a processor who processes personal data on the basis of law.

You have the right to access the data we have collected about you. For this, we recommend that you submit a request for information, signed manually or digitally, so that we are convinced of your identity when issuing personal data. Data collected about you will only be issued to you. We only issue your personal data to third parties in the cases provided by law.

We will issue the data about you according to your request, either on paper or by electronic means, within the time limit provided by law.

We refuse to grant your request for access only if it may:

  • damage the rights and freedoms of another person;
  • damage national security;
  • obstruct or damage the prevention, detection, processing or execution of penalties.

You have the right to request the correction of incorrect personal data. If we have no (more) legal basis for the use of your personal data, you may request that the use be restricted or the data deleted.

You have the right to object to our decisions and actions in the form of an opposition or to apply to an administrative court.

We use your personal data for replying to you. If we have to make inquiries from someone else to reply to you, we will only disclose your personal data to the minimum, essential extent. If you have sent us a request for clarification/intervention/information to which another authority is competent to answer, we will forward it there. We will notify you if we do that.

Correspondence with you can also be used internally to assess the quality of our work. We publish correspondence statistics and summaries impersonally, without names. According to the law, the correspondence dataset is visible in our public document register. It shows the initials of the sender or recipient of the letter, not the name. The title of the document is "Incoming letter" or "Outgoing letter," respectively. The more detailed title can only be seen internally within the Authority. We do so to protect your private life, as we often receive letters about sensitive topics.

If you write to us on behalf of a legal person or agency (for example, as a journalist working for a publication), please use your professional contact details, not your personal contact details. These contact details shall be public in the document register. Access to the correspondence with private persons is restricted. If someone wants to access your correspondence and files a request for information, upon receipt of the request for information, we will review whether the requested document can be issued in full or must be issued in part. Restriction of access depends on the content of the document. Possible grounds for restrictions of access are set out in § 35 of the Public Information Act.

Despite the restriction of access, we issue a document to an authority or person who has a direct legal right to ask for it (e.g. investigative body, body conducting extra-judicial proceedings or court). To increase public awareness, we write procedural news. When we compile news articles, we do not excessively interfere with the private lives of those involved.

The law allows us to disclose the facts of correspondence if there is an obvious public interest (subsection 38 (1), 30 (4) of the Public Information Act). This right is exercised only in very exceptional cases and we refrain from excessively interfering the private lives of those involved. Among other things, we reserve the right, if a person himself or herself brings procedural information to the public, to provide explanations about our activities to the public, if necessary. We do not disclose information to a greater extent than the person himself/herself has previously disclosed. The preservation periods for documents are determined in accordance with the legislation in force. Upon expiry of the term of preservation, the documents are generally subject to destruction. The exact time of preservation of your data can be found in the list of documents by the serial identifier of the document, i.e. index.

The conduction of criminal procedure is regulated in detail by the Code of Criminal Procedure and the conduct of misdemeanour proceedings is regulated by the Code of Misdemeanour Procedure together with the Code of Criminal Procedure. We shall disclose the information of the person who submitted the notice of misdemeanour or the notice of criminal offence to other participants in proceedings to the extent prescribed by the procedural codes and necessary for the adjudication of the matter. The participants in proceedings may examine the materials pursuant to the procedure prescribed in the Procedural Acts. The law allows us to disclose facts related to offence proceedings only in exceptional cases. In the case of misdemeanour proceedings, the disclosure of data is regulated by § 62 of the Code of Misdemeanour Procedure. In the case of criminal proceedings, the disclosure of data is regulated by § 214 of the Code of Criminal Procedure. We intend to exercise this right only in cases of great urgency and by avoiding excessive interference with the private lives of those concerned. Among other things, we reserve the right, if a person himself or herself brings procedural information to the public, to provide explanations about our activities to the public, if necessary. We do not disclose information to a greater extent than the person himself/herself has previously disclosed.

Restriction of access depends on the content of the document. Possible grounds for restrictions of access are set out in § 35 of the Public Information Act.

Detailed requirements for access to criminal records are set out in Chapter 3 of the Criminal Records Database Act.

If you visit our website and examine the information there, we collect impersonal statistical information about it. The information to be collected is the visitor's location by the accuracy of city, and the articles/headings viewed on our website. We use statistics to develop and make the website more user-friendly. The collected data cannot be linked to the visitor's personal data. The Competition Authority does not record calls.

When applying for a job in the Competition Authority, we will only use the information and public sources diclosed by the candidate himself/herself. We assume that we can contact the persons named as the candidate’s recommenders.

Access to the data of candidates will be granted only to the employee of the Cooperation and Support Services Department of the Authority and to the members of the competition committee. We do not disclose the data collected about the candidates to other candidates and third parties not involved.

The candidate has the right to know what data we have collected about him/her. A candidate has the right to examine the data collected by us and, if he or she wishes, give explanations and submit objections. Candidate data are restricted information to which third parties (including competent authorities) can access only in the cases provided by law.

We will preserve the data of non-elected candidates for 1 month.

If you submit a CV to us when applying for an internship, the same requirements apply as when applying for a job.

If a personal data breach occurs in the Authority and constitutes a likely threat to the rights and freedoms of a person, we will fill in the required documents. We will certainly take measures to put an end to the breach immediately. If the breach is likely to result in a serious threat to your rights and freedoms, we will also notify you. The purpose of the notification is to enable you to take the necessary precautions to alleviate the situation yourself.

Last updated: 15.09.2023