Globalisation and rapid technological advance tend to make personal information publicly and globally available, especially via social networking sites. Yet everyone has the right to protect their personal data and to control third-party access. The General Data Protection Regulation, which Latvia must apply from 25 May 2018, focuses on the need to protect personal data in a big way and imposes stiff penalties for failure to comply with data protection requirements. In practice, personal data is indispensable when it comes to signing a contract of employment, in payroll calculations, invoices, agreements etc. This article explores some of the statutory aspects to be considered by accountants routinely handling source documents and processing personal data.