PROCESSING OF PERSONAL DATA
- KNOWLEDGE AND ITS CONTACT INFORMATION
2.1. The controller of the personal data processing is the Company, legal address: Adazu novads, Baltezers, Virši-7 LV-2164, Latvia.
2.3. The contact details of the Company for processing personal data, as well as for submitting requests and informing the data subject of possible data breaches are firstname.lastname@example.org
- GENERAL PROVISIONS
3.1. Personal data is any information about an identified or identifiable natural person.
3.2.1. natural persons - clients of the Company (including potential, past and present), their representatives, real estate owners and other related persons;
3.2.2. for natural persons - representatives of the Company's Customers (legal persons), contact persons;
3.2.3. Visitors to public spaces, including those subject to video surveillance;
3.2.4. Visitors of Internet sites maintained by the Company;
3.2.5. persons whose personal data are processed on social networks in connection with activities organized by the Company.
3.3. The Company takes care of the protection of the privacy and personal data of the Clients, respects the Clients' right to the lawfulness of personal data processing in accordance with the applicable law - Personal Data Protection Law, Regulation 2016/679 of the European Parliament and the Council of 27 April 2016 the processing of personal data and the free movement of such data (hereinafter - the Regulation) and other applicable legislation in the field of privacy and data processing.
3.5. The Company shall observe the following basic principles of data processing when processing personal data:
3.5.1. legality and integrity;
3.5.3. purpose limitation;
3.5.4. adequacy (data minimization);
3.5.6. storage restriction;
3.5.7. integrity and confidentiality;
3.5.8. review liability.
- PURPOSE OF PROCESSING PERSONAL DATA
4.1. The Company processes personal data for the following purposes:
4.1.1. for the provision of services and the sale of services:
preparation and conclusion of the contract;
fulfillment of contractual obligations;
development of new services;
advertising and distribution of services for commercial purposes;
consideration of objections or claims;
debt recovery and recovery;
maintaining and improving web pages and mobile applications;
business planning and analytics;
customer safety, company property protection;
for other specific purposes.
The Company may also process the data for other purposes compatible with the original purpose, subject to appropriate rights of the data subject.
- LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
The Company processes the Customer's personal data mainly on the following legal grounds:
for the conclusion and performance of the contract - to enter into the contract upon the Customer's application and to ensure its execution (the contract also includes an oral agreement to purchase the service);
for compliance with regulatory enactments - to fulfill an obligation specified in binding external regulatory enactments of the Company;
with the consent of the data subject;
legitimate (legitimate) interests - to realize the legitimate (legitimate) interests of the Company or a third party arising from the obligations or agreement concluded between the Company and the Client.
The public's legitimate (legitimate) interests are:
to conduct business;
to verify the Customer's identity before providing certain services;
ensure fulfillment of contractual obligations;
to keep Customer's applications and applications for the provision of services;
design and develop services;
promote your services by sending commercial communications;
send other reports on the progress of the contract and any events relevant to the performance of the contract, as well as conduct customer surveys on the services and their usage experience;
prevent fraudulent practices against the company;
provide corporate governance, financial and business accounting and analytics;
ensure effective business management processes;
to ensure and improve the quality of service;
video surveillance for business security;
to inform the public about its activities;
other legitimate interests determined by the Company.
- PROTECTION OF PERSONAL DATA
The Company shall protect Customer Data using state-of-the-art technology, taking into account existing privacy risks and reasonably available organizational, financial and technical resources, including the following security measures:
intrusion protection and detection programs;
other protective measures in accordance with current technological development opportunities.
Technological and organizational measures for the protection of information (including personal data) are provided for in the internal laws and regulations governing the Company's information security and information systems.
- CATEGORIES OF PERSONAL DATA RECIPIENTS
The Company will not disclose to the third parties the Customer's personal data or any information obtained during the provision of services and during the term of the contract, including information about the goods and services received, except:
in accordance with the Customer's explicit and unambiguous consent;
by involving the controller in the processing of personal data in accordance with the concluded contract;
in accordance with the legitimate interests of the Company or a third party (to whom the data will be transferred), ensuring a balance with the rights and interests of the data subject, in accordance with the procedure and to the extent prescribed by external laws and regulations;
in cases prescribed by external regulatory enactments, to protect the legitimate interests of the Company, for example, in court or other state institutions against a person who has violated the legitimate interests of the Company.
- TRANSFER OF PERSONAL DATA
The Company shall not transfer personal data to third parties except to the extent necessary for the reasonable conduct of its business, provided that such third parties maintain the confidentiality of personal data and provide adequate protection.
The Company is entitled to transfer personal data to the Company's suppliers, subcontractors, strategic partners and others who assist the Company and its Clients in the conduct of commercial activities in order to carry out the relevant cooperation. However, in such cases, the Company requires the recipients of the data to undertake to use the information received only for the purposes for which the data were transmitted and in accordance with the applicable laws and regulations.
- PERSONAL DATA PROCESSING AREA
Personal data is processed in the European Union / European Economic Area (EU / EEA), however, in some cases, it may be transferred and processed in non-EU / EEA countries.
The transfer and processing of personal data outside the EU / EEA may take place if there is a legal basis to fulfill a legal obligation, to enter into or perform a contract, or with the consent of the data subject, and appropriate safeguards are in place. Adequate safeguards include, for example:
there is an agreement, including standard clauses of the EU Treaty or other approved provisions, a code of conduct, certifications, etc., approved under the Regulation;
In the non-EU / EEA country where the recipient is located, an adequate level of data protection is ensured in accordance with the decision of the EU Commission;
the recipient is certified under the Privacy Shield (applicable to recipients based in the United States).
- DURATION OF PERSONAL DATA STORAGE
The Company shall determine the periods for the storage of personal data in accordance with the following criteria:
personal data are kept for at least the time necessary to achieve the purpose for which they are processed;
personal data are kept for at least the legal retention periods;
personal data are retained for at least the duration of legal claims and / or legal proceedings against the Company to ensure the preservation of evidence.
After the above circumstances cease, the Customer's personal data shall be deleted or anonymised.
- RIGHTS OF DATA SUBJECTS
The Client has the right to receive the information specified in regulatory enactments regarding the processing of his / her data.
The Client has the right, in accordance with regulatory enactments, to request the Company to access its personal data, to request the Company to add, correct, delete or restrict processing with respect to the Client, to object to processing (including personal data processing based on the Company's legitimate interests), as well as the right to data portability. This right shall be exercised within the limits set by regulatory enactments.
The Customer may submit a request for the exercise of his / her rights in the following ways:
in writing at the Company's actual address: Adazi Municipality Baltezers Virši-7_LV-2614 or by postal service;
signing with a secure digital signature and sending it to email@example.com
Upon receipt of the Client's request for the exercise of its rights, the Company shall verify the Client's identity, evaluate the request and execute it in accordance with regulatory enactments.
The Company shall issue a response to the Client in a secure manner, verifying its identity.
The amount of information disclosed to data subjects may be limited in order to prevent adverse effects on the rights and freedom of others (including Company employees or other data subjects).
The Company undertakes to ensure the accuracy of personal data and relies on its Clients, suppliers and other third parties transmitting personal data to ensure that the transmitted personal data is complete and correct.
- CUSTOMER ACCEPTANCE OF THE DATA PROCESSING AND RIGHT TO WITHDRAW IT
The Client has the right to withdraw the consent for data processing at any time in the same way as it is given and / or by submitting a separate application. In this case, further processing based on the prior consent for the specific purpose will not be performed.
The revocation of consent does not affect the data processing performed during the period of the Client's consent.
Withdrawing consent may not interrupt the processing of data on other legal grounds.
Use of the photos in informative materials, website, public use of the premises of the institution or otherwise is permitted after the Customer has been informed pursuant to Article 13 of the General Personal Data Protection Regulation and no objections have been received to the use of the photos for the stated purpose.
- COMMERCIAL NOTIFICATIONS
Communication of commercial communications about the Company and / or third party services and other communications not directly related to the provision of the contracted services (eg customer surveys) shall be made by the Company in accordance with external laws or with the Customer's consent.
Communication, including commercial communications, may be made by the Company via automated calling or electronic communication devices.
The Customer gives his consent to the Company and / or its business partners to receive commercial communications in writing at the Company's actual address, on the Company's website and in mobile applications or any other place where the Company organizes marketing activities.
Customer's consent to receive commercial communications is effective until revoked (even after termination of the Service Agreement). The Customer may at any time opt out of receiving further commercial communications in any of the following ways:
sending an email firstname.lastname@example.org;
by calling the phone number: +371 26814339;
by submitting a written application to the Company;
by using the automated option provided in the commercial notice to opt-out of future notifications by clicking on the opt-out link at the end of the relevant commercial notice (email).
The Company will stop sending commercial communications as soon as Customer's request is processed.
By expressing his opinion in the surveys and leaving his contact information (e-mail, telephone), the Customer agrees that the Company may contact him using the contact information provided in connection with the Customer's assessment.
- WEBSITE VISITS AND COOKIES
- FINAL PROVISIONS