How can we help foreign persons and authorities
These materials are being changed according to the new data protection regulation.
Who we are
Estonian Data Protection Inspectorate is national supervisory authority according to:
- EU Directive 95/46/EC on protection of personal data,
- EU Directive 2002/58/EC on privacy and electronic communications,
- EU Framework Decision 2008/977/JHA on personal data in police and judicial cooperation in criminal matters,
- Council of Europe Convention 108 on automatic processing of personal data,
- Council of Europe Convention 205 on access to official documents (not yet in force).
We can help you if
- Your privacy rights are violated in processing of your personal data;
- It also covers problems of granting access to your personal data in Schengen and Europol databases;
- You have problems with spam messages;
- You are refused to access to Estonian public sector information.
Majority of cases are about ongoing unlawful processing of personal data where our goal is to eliminate violation by warning or by coercion. Imposing punishments is not our first choice.
On international cases we also cooperate with corresponding foreign authorities.
When we cannot help you:
- Crimes like intentional identity theft – you should turn to police;
- Slander, other private disputes and compensation for damage – you should turn to civil court;
- We do not act in case where there are no legal body, establishment or personnel in Estonia.
How to reach
- Question. For asking general advice, interpretation of the law.
- Complaint. To seek protection of your violated privacy rights.
- Challenge. To grant access to Estonian public sector information after denial.
We do not have mandatory forms to fill in. Those on our website are recommended and helpful.
When filing a complaint or challenge either digital or handwritten signature is required.
In sensitive cases to exclude any doubts of identity we may ask simple or certified copy of identity document or certified signature.
For international cooperation between Data Protection Authorities all authorities are most welcome to use OECD form or Schengen best practices.
Our working language is Estonian. We accept also documents in English. You can expect answer from us to your question also in English if needed. In case of complaint/challenge we provide translation of the main outcome or final resolution.
For international cooperation between authorities we use English.
Please see also Schengen information link in Russian.
We handle questions, complaints and challenges within 30 days. Handling complaint can be extended to another 60 days.
We give notice in case of extension. But we do not give notices when receiving your letter. Instead of it we have web-based index of documents in Estonian.
Publication of decisions
According to law we publish our precepts and decisions on our website without personal and other restricted data in Estonian.
Decisions on misdemeanour fines are publicly available in Punishment Register during 1 year after payment of the fine. Punishments imposed on minors and also on persons who have only one valid record with the fine less than 200 € are not available.