AGREEMENT ON ACCESS TO TRAFFIC REGISTER DATA No. 3.2-5/25/1339-1
Transport Administration, registry code 70001490, address Valge 4, 11413 Tallinn, Estonia
(hereinafter referred to as the Possessor), represented by Märten Surva, the Head of the Traffic Service Vehicle Register Department of the Transport Administration under a power of attorney,
and
SIA “PAUS KONSULTS”, registry code 40003352670, address Blaumana 38/40, Riga, Latvia, LV-1011 (hereinafter referred to as the User), represented by authorised representative/member of the Management Board Kristine Krumina (hereinafter separately referred to as the Party or jointly as the Parties),
on the basis of, inter alia,:
• the Road Traffic Act (hereinafter referred to as the RTA), in particular subsection 184 (4) thereof;
• Decree of the Government of the Republic No. 75 of 16 June 2011 Statutes of the Traffic Register (“Liiklusregistri pidamise põhimäärus”);
• Regulation of the Government of the Republic No. 105 of 23 September 2016 Data Exchange Layer for Information Systems (“Infosüsteemide andmevahetuskiht”);
• Regulation of the Minister of Economic Affairs and Communications No. 46 of 21 June 2011 Procedure for Accessing Electronic Data in the Traffic Register (“Liiklusregistri elektroonsetele andmetele juurdepääsu kord”;
• the Personal Data Protection Act (hereinafter referred to as the PDPA);
• Regulation No. 2016/679 of the European Parliament and of the Council (the General Data Protection Regulation) (hereinafter referred to as GDPR);
have concluded this agreement on access to Traffic Register data (hereinafter referred to as the Agreement) under the following terms and conditions:
1. OBJECT OF AGREEMENT
1.1. The object of the Agreement is the provision to the user, on the basis of their legitimate interest, of access to traffic register data in accordance with Annex 1 List of Data (hereinafter referred to as Data) via the data exchange layer for information systems (X-Road) (hereinafter referred to as Service).
1.2. The User is entitled to process the data in connection with filing a claim that has in connection with a parking violation in the territory of the Republic of Latvia against the owner of a motor vehicle (hereinafter referred to as the vehicle) or, if an authorised user is entered in the Traffic Register for the vehicle, the authorised user.
1.3. The User submits a query for a specific vehicle via the data exchange layer for information systems (X-road), indicating as input the vehicle registration number and the time of the parking violation (date and time to the second).
1.4. The Service will issue the personal identification code or registry code of the vehicle owner or the authorised user (hereinafter referred to as the Dataset) up to three (3) years from the moment of the parking violation, if the violation of parking conditions took place in the territory of the Republic of Estonia or in the territory of another European Union Member State.
1.5. The User confirms that they have thoroughly read and understood the Agreement and its Annexes and all of the laws and regulations, Possessor’s service descriptions and instructions and other documents referred to in the Agreement.
1.6. The user has provided a legitimate interest in entering into an analysis contract.
1.7. By signing the Agreement, the User confirms that the data will be processed only for the purposes stated in the Agreement, for specified and legitimate purposes and in accordance with laws and regulations.
2. AGREEMENT VALUE AND PAYMENT
2.1. The fee for one data set is 0,20 euros (hereinafter referred to as the Fee), plus VAT in the cases and to the extent provided by law. The fee for one data set starting from 01.01.2026 is 0,4 euros (hereinafter referred to as the fee), plus VAT in the cases and to the extent provided by law.
2.2. Payment shall be made once (1) a month on the basis of the invoice submitted by the Possessor and within the time limit indicated thereon.
2.3. When paying the invoice, you must indicate, among other things, the reference number shown on the invoice.
2.4. The Possessor has the right to unilaterally increase the fee once (1) a year up to a maximum of ten (10) %, subject to the provisions of clause 7.2. of the Agreement.
2.5. The invoice must be submitted by the Possessor in a machine-readable format as an e-invoice that complies with the Regulation of the Minister of Finance No. 24 of 11 April 2017 Establishment of the Instructions for Machine-readable Original Documents (”Masintöödeldava algdokumendi juhendi kehtestamine“). An invoice is deemed to have been received from the date of its receipt by the User 's invoice management environment. For non-residents, the invoice should be sent in PDF format to the User's contact e-mail address or as an e-invoice via the international Peppol system. The invoice must indicate the name of the contact person and the agreement number.
3. OBLIGATIONS OF PARTIES
3.1. The Possessor shall:
3.1.1. ensure the forwarding of the data in Annex 1 to the Agreement to the User without any obligation on the part of the Possessor to resolve any failure or malfunction of the Service (hereinafter referred to as Incident) within a specified time;
3.1.2. resolve incidents within a reasonable time;
3.1.3. provide explanations to the User about the object of Agreement, if necessary.
3.2. The User undertakes to:
3.2.1. comply with the terms and conditions set out in Annex 3 to the Agreement and fulfil the requirements set out in Annex 3 to the Agreement, as well as the terms and conditions of laws and regulations and of the Agreement;
3.2.2. process data obtained under the Agreement only to the extent necessary for the performance of their tasks under the Agreement and for purposes that are not in conflict with the RTA and the laws and regulations adopted pursuant thereto or other laws and regulations, including the PDPA and the GDPR;
3.2.3. not store the data, unless otherwise provided by law or the Agreement;
3.2.4. not to transmit or otherwise disclose the data to third parties, except in cases provided for by law. The data may be transferred, with the consent of the Possessor, to a lawyer, IT or postal service provider or other similar service providers for the purpose specified in the Agreement ensuring the confidentiality of the data by means of an agreement between the User and the lawyer or the relevant service provider;
3.2.5. ensure the lawful use of the service by means of organisational, physical and IT security measures;
3.2.6. immediately notify the Possessor representative and the Transport Administration of any incidents by e-mail to :
[email protected];
3.2.7. immediately inform the Possessor of any disclosure of data to third parties or the public, theft of information technology or other circumstances that may lead to the use of data by unauthorised persons;
3.2.8. pay for the Service in accordance with the Agreement.
4. SUPERVISION AND LIABILITY
4.1. The Possessor has the right to verify at any time the lawfulness of the processing of the Data and the User's compliance with the terms and conditions of the Agreement. To this end, the Possessor shall submit to the User an enquiry, at least in a form that can be reproduced in writing, to which the User must provide a substantial reply within five (5) working days, unless the parties agree on a longer period
4.2. Together with the response, the User undertakes to provide the Possessor with, inter alia:
4.2.1. an original photograph of the vehicle in JPG format, clearly identifying the vehicle and its registration plate, including in the metadata consisting of at least the exact time of taking the photograph, to the nearest second, and, if possible, a geo-tag containing the latitude and longitude (GPS coordinates) at minimum;
4.2.2. where necessary, any other evidence relevant to the case, which the Possessor requests.
4.3. The User undertakes to grant the Possessor permanent access to the database for the purposes of monitoring the processing of parking violations by creating user accounts for three members of the Possessor’s staff.
4.3.1. The user undertakes, as from the date of receipt of the notification of the monitoring, at the latest on the next working day to ensure access to the data in the database referred to in clause 4.3
4.4. The User is aware that in the event of a breach, non-fulfilment or improper fulfilment of the obligations undertaken in the Agreement, including the data processing requirements and any statutory personal data processing requirements, the User is obligated to compensate third parties or the Possessor for any damage caused by their acts or omissions. If the User breaches the data processing requirements under the law or the Agreement, they will be liable for the breach in accordance with the procedures set out in the Agreement and the laws and regulations, including the PDPA and the GDPR.
4.5. In addition to the obligation to compensate for damages, the User undertakes, at the request of the Possessor, to pay the Possessor a contractual penalty of up to five thousand (5000) euros for each breach of the Agreement in the event of non-performance or improper performance of the Agreement related to the breach of the data processing requirements. The User acknowledges that the amount of the fine provided for in the GDPR for the infringement of the requirements for processing personal data may be up to twenty million (20,000,000) euros or, in the case of an undertaking, up to four (4) % of its total worldwide annual turnover in the preceding financial year, whichever amount is higher. If the User exceeds the term set out in clause 4.1. of the Agreement, the Possessor is entitled to demand a contractual penalty of two hundred (200) euros for each day of delay.
4.6. The Parties have agreed that the User undertakes to represent the Possessor, at the Possessor's request and at its own expense, in all disputes (including court actions) with third parties in connection with the Agreement and to bear all costs of the proceedings, if the dispute was caused by an act or omission of the user or was otherwise attributable to the user.
5. AGREEMENT DOCUMENTS
5.1. The Agreement documents comprise the Agreement and any annexes thereto.
5.2. The Agreement includes three annexes.
5.3. In addition to the Agreement and its Annexes, the Parties shall be guided in the performance of the Agreement by the laws, regulations and standards in force in the Republic of Estonia and, if necessary, by other technical documents in the relevant field.
6. NOTICES BETWEEN THE PARTIES
6.1. All Agreement-related notices between the Parties must be given in writing unless such notices are informative by nature and their communication to the other Party has no legal consequences.
6.2. A notice is deemed to have been received by the other Party:
6.2.1. on the working day following the day on which the notification was forwarded, if the notification was forwarded to the other Party by e-mail;
6.2.2. within three (3) working days of the date of posting, if the notice was sent by the postal authority by a registered letter to the address indicated by the other Party.
6.3. Informative notices may be given by telephone.
7. AMENDMENTS TO AGREEMENT AND RESOLUTION OF DISPUTES
7.1. The Agreement may be amended by an agreement of the Parties. Amendments to the Agreement that are not in the same format as the Agreement are null and void unless otherwise provided in the Agreement. Amendments to the Agreement must be prepared as annexes to the Agreement. Amendments to the Agreement will enter into force after signature by the Parties or on another occasion specified in the Agreement.
7.2. The Possessor may unilaterally amend the Agreement in the cases provided for in the Agreement and if this is necessary as a result of a change in a provision of a law or a regulation or if it is necessary to modify the Service. The Possessor undertakes to notify the User of any unilateral amendments to the Agreement at least thirty (30) days in advance. If the User does not agree to the amendment of the Agreement, they may terminate the Agreement within thirty (30) days of receiving the said notice. If the User does not respond to the unilateral amendment of the Agreement submitted by the Possessor, they will be deemed to have accepted the amendment of the Agreement. In such case, the amendment shall take effect thirty (30) days after the notice referred to in this clause is sent by the Possessor to the User.
7.3. The parties have agreed that the user undertakes to represent the controller at its own expense in all disputes (including litigation) with third parties related to the Contract at the psessors's request, and to bear all the costs of the proceedings, if the dispute was caused by an act or omission of the user or was otherwise attributable to the user.
8. TERM OF AGREEMENT
8.1. The Agreement takes effect upon the signature thereof by the Parties.
8.2. The Agreement is entered into for a period of three (3) years. This period starts from the entry into force of the Agreement.
8.3. If, at least one (1) month prior to the expiry of the term referred to in clause 8.2 of the Agreement, the user does not submit a request and a legitimate interest for the renewal of the analysis contract, the Agreement terminates.
8.4. A Party has the right to terminate the Agreement without notice for a good reason, in particular if the other Party is in material breach of the Agreement. A material breach of the Agreement shall be deemed to be, inter alia, but not limited to, a repeated breach of a term of the Agreement, as well as a breach by the User of their obligations under clauses 3.2. and 4.1. of the Agreement (including a one-off breach of data processing requirements).
8.5. The Parties have the right to terminate the Agreement at any time by notifying the other Party at least thirty (30) days in advance.
8.6. If any provision of the Agreement is found to be invalid or unenforceable in full or in part in the future, the Agreement shall remain in force in all other respects.
8.7. The Agreement and the Annexes thereto shall be amended as necessary in the light of changes in the laws and regulations governing the Agreement.
8.8. The obligations of the User under the Agreement shall be fully applicable to any employee of the User or any other person for whom the User is responsible, as well as to any successor of the User, and any obligations of the Possessor under the Agreement shall be fully applicable to any successor of the Possessor. In the event of legal succession, the Agreement will be amended accordingly if the Party so requests.
9. OTHER TERMS AND CONDITIONS
9.1. The Agreement is signed by the Parties digitally.
9.2. The language of communication between the Parties shall be English.
9.3. The Parties are guided by the laws and regulations of Estonia in all matters not governed by the Agreement.
9.4. The representatives of the Parties represent and warrant that they have all the required rights and authorisations to enter into the Agreement on behalf of the entities they represent and that they are not aware of any impediments to the performance of the obligations undertaken and provided in the Agreement.
9.5. The Parties agree to take all appropriate measures to resolve points of dispute arising from the Agreement by way of negotiations, thereby not harming the contractual and statutory rights or interests of the Parties. If no agreement can be reached in this manner, all disputes arising from the Agreement shall be settled in accordance with the laws and regulations of the Republic of Estonia in the Harju County Court, unless otherwise agreed by the Parties.
9.6. Disputes will be settled on the basis of the English text.
10. CONFIDENTIALITY
10.1. The content of the Agreement is public information.
10.2. Facts relating to the performance of the Agreement, including the Data, are restricted information and may not be disclosed by the Parties to any third party without the other Party's written consent.
10.3. The Parties must not disclose information that has been declared confidential by one Party to non-contractual persons. The Parties must not use confidential information for purposes other than the fulfilment of contractual obligations unless the Parties have signed a written agreement that states otherwise or the demand for disclosure arises from laws or regulations or a court order.
10.4. If a Party considers particular information exchanged under the Agreement to be confidential, it must inform the other Party in writing.
10.5. The obligation of confidentiality referred to in clause 10.3 shall remain valid after the termination of the Agreement for a period of ten (10) years, unless a Party agrees to release the other Party from its obligation of confidentiality earlier.
11. CONTACT PERSONS
The Parties' contact persons for the substantive execution of the Agreement are:
Possessor: User:
Martin Tubalkain Kristine Krumina
Telephone: +372 5981 7141 Telephone: (+371) 29168600
E-mail:
[email protected] E-mail: HYPERLINK "mailto:
[email protected]"
[email protected]
12. CONTACT DETAILS OF PARTIES
Possessor: User:
Transport Administration SIA “PAUS KONSULTS”
Registry code: 70001490 Registry code: 40003352670
Valge tn 4, 11413 Tallinn Blaumana 38/40, Riga, LV-1011, Latvia
Telephone: (+372) 620 1200 Telephone: (+372) 67281771
E-mail:
[email protected] E-mail: HYPERLINK "mailto:
[email protected]"
[email protected]
_____________________ _____________________
/signed digitally/ /signed digitally/
Access to Traffic Register data Annex 1 to Agreement
List of data
1. The User will be granted access to the following Traffic Register data:
Service name: soidukParkimine.v1
Input:
1) vehicle registration number;
2) the time of the parking violation.
Output:
1) the personal identification code or registry code of the owner or authorised user of the vehicle;
2) if the status of the vehicle in the Traffic Register is ‘Transferred', the response 'No data returned' is returned.
Access to Traffic Register data Annex 2 to Agreement
Processing of personal data
1. The processing of personal data relating to the performance of the Agreement is subject to appropriate technical and organisational measures in such a way that the processing is in compliance with the requirements of the GDPR and
the requirements set out in the Personal Data Protection Act (hereinafter together referred to as the Personal Data Legislation).
2. The user is prohibited from involving another user without the prior written consent of the posessor, except for persons representing the user in legal proceedings to the extent of parking claims and as fixed in the user's representative's client contract or where the right arises by law.
3. The following personal data are processed under the Agreement:
3.1. the identity code of the owner of the vehicle who is a natural person;
3.2. the identity code of the user of the vehicle who is a natural person;
3.3. the identity code of the owner or the representative of the authorised user who is a legal person.
4. Under the Agreement, personal data are processed for the purpose of submitting a claim that has become enforceable against the natural person owner or the authorised user of the vehicle in connection with a parking violation.
5. Under the Agreement, the request for personal data and the response is transmitted via the Data exchange layer (X-tee).
6. Under the Agreement, personal data is processed only for the duration of the Agreement. After the expiry of the Agreement, personal data obtained under the Contract may be processed only in connection with a claim that has become enforceable in relation to cases of parking conditions violations submitted during the term of the Agreement or in any other case provided for in this Ageement and by law.
7. In addition to what is provided for in the legislation on personal data, the user is obliged to:
7.1. process personal data with due diligence and only to the extent necessary for the provision of the service agreed upon in the Agreement;
7.2. process personal data only on the basis of the posessors documented instructions;
7.3. keep personal data disclosed in the performance of the Agreement confidential;
7.4. comply with legal requirements on data security and implement adequate and up-to-date safeguards to protect data;
7.5. assist the posessor in fulfilling its obligations in relation to requests made by data subjects;
7.6. assist the posessor in complying with the obligations set out in Articles 32 to 36 of the GDPR, taking into account the nature of the processing and the information available to the user;
7.7. delete all personal data and existing copies of personal data obtained under the Agreement after payment of the contractual penalty, unless otherwise provided by law or the Agreement;
7.8. make available to the posessor all information necessary to demonstrate compliance with the obligations set out in Article 28 of the GDPR and allow and contribute to audits, including inspections, by the posesspor or another auditor authorised by the posessor.
Access to Traffic Register data Annex 3 to Agreement
Requirements for businesses
1. The Agreement for access to traffic register data is entered into with companies providing parking or debt collection services.
2. Companies must meet the following requirements:
• GPS-tagged and time-stamped photos in the electronic parking information system;
• providing the Administration with access to an electronic parking information system or an electronic environment through which the Administration can view the contractual penalty claims relating to parking conditions violations on the basis of which the register data are issued;
• the existence of a data protection specialist;
• the existence of a privacy policy;
• the register of personal data processing operations.
3. The company providing the parking services or the company from which the company providing debt collection services has purchased the claims, must, in addition to the terms and conditions mentioned in clause 2, fulfil the following requirements:
◦ correct traffic and information signs with parking requirements (including the amount of the contractual penalty, etc.) placed in a prominent position in the car park.
4. In order to be able to apply for vehicle owner/authorised user data from the register, the following conditions must be met:
• there is a parking agreement between the parking manager and the owner or authorised user of the vehicle;
• contractually agreed contractual penalties and/or parking fees;
• the Agreement has been breached and the parking manager has issued a contractual penalty and/or a parking fee claim following the breach;
• the contractual penalty claim and/or parking fee is outstanding;
• the contractual penalty claim and/or parking fee has not expired.