Privacy Policy of SIA "Liepkalni"
The aim of the Privacy Policy is to provide information to data subjects, physical persons, regarding the purpose, legal basis, scope, protection, and processing period of personal data during its acquisition and processing by SIA "Liepkalni".
Hereby, we provide the information required under Articles 12-14 of the General Data Protection Regulation on how SIA "Liepkalni" processes personal data. This information concerns physical persons, including those associated with legal persons and institutions.
Controller and Contact Information
The controller of personal data processing is SIA "Liepkalni", registration number: 44101001966, legal address: Valmiera municipality, Naukšēni parish, "Liepkalni", LV-4244, Latvia (hereinafter referred to as the "Company"). Contact information of the Company regarding personal data processing issues - phone: +37126311683, email: agne.eglite@liepkalni.lv. Using this contact information or visiting the Company's unit at Mūrmuižas iela 16d, Valmiera, Latvia, questions regarding personal data processing can be addressed. Requests for the exercise of rights can be submitted in accordance with the General Data Protection Regulation and this Privacy Policy. The Company's contact information for reporting potential data breaches is agne.eglite@liepkalni.lv.
General Provisions
- Personal data means any information about an identified or identifiable natural person.
- The Privacy Policy applies to ensuring privacy and personal data protection for the following groups collectively referred to as "Clients":
2.1. Company clients (including potential, former, and current ones);
2.2. Visitors to the Company's maintained website;
3. The Company, in accordance with each group of data subjects listed in point 5 of this document, obtains and processes the following categories of client data: client's name, surname, email address, telephone number, delivery address, payment information, technical browsing data (IP address, technical browsing information), any other information provided on the Company's website and during the use of offered services or contacting the Company.
4. The Company ensures the privacy and protection of client data, respects clients' rights to the lawfulness of personal data processing in accordance with applicable laws - the Personal Data Processing Law, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as "Regulation"), and other applicable laws in the field of privacy and data processing.
5. The Privacy Policy applies to the processing of personal data regardless of the form and/or medium through which the client provides personal data (in person, on the Company's website, in paper format, or by phone).
Purpose of Personal Data Processing
The Company processes personal data for the following purposes:
6.1. Provision of services:
- Identification of the client's (or legal entity's) representative;
- Preparation and conclusion of contracts;
- Service delivery (fulfillment of contractual obligations);
- Development of new services;
- Handling of complaints or claims;
- Administration of payments;
- Debt recovery and collection;
- Maintenance and improvement of the website's operation.
6.2. Business planning and analytics;
6.3. Client security, protection of company property;
6.4. For the legitimate interests of the Company:
- to carry out commercial activities;
- to verify the identity of the client's (legal entity's representative or authorized person, natural persons) before purchasing services;
- to ensure the performance of contractual obligations;
- to retain client applications and requests for service provision;
- to carry out activities for client attraction and/or retention;
- to segment the client database for more effective service provision;
- to develop and improve services;
- to advertise services by sending commercial messages;
- to send other messages about the course of the contract and significant events related to the contract performance, as well as to conduct client surveys on services;
- to prevent fraudulent activities against the company;
- to ensure effective company management processes;
- to ensure and improve the quality of services;
- to administer payments;
- to conduct video surveillance for business security;
- to inform the public about its activities.
Legal Basis for Personal Data Processing
- The legal basis for the personal data processing carried out by the Company for the following purposes is as follows:
7.1. Provision of services: Article 6(1)(a), (b), (c), and (f) of the General Data Protection Regulation.
7.2. Business planning and analytics: Article 6(1)(f) of the General Data Protection Regulation. 7.3. Client security, protection of company property: Article 6(1)(f) of the General Data Protection Regulation.
7.4. Company's legitimate interests: Article 6(1)(f) of the General Data Protection Regulation.
Categories of Recipients of Personal Data
- The Company does not disclose client personal data or any information obtained during the provision of services and contractual activities to third parties, including information about services received, except:
8.1. with the clear and unambiguous consent of the client;
8.2. if necessary for the performance of a contract concluded with the client;
8.3. to carry out the legitimate interests of the Company or to comply with the Company's legal obligations;
8.4. in the cases and to the extent specified in laws and regulations;
8.5. to ensure the performance of an agreement between the Company and the client.
9. The Company may share personal data with authorized processor categories, such as service providers, technical support, payment processing, delivery, and postal services, including processors operating outside the European Union. The Company ensures that any transfer of personal data outside the European Union is carried out in accordance with the requirements of the Regulation.
10. The Company's employees and associates are trained in personal data protection matters and have signed confidentiality agreements. Access to personal data is provided only to those Company employees and associates who need it to perform their job duties.
Data Retention Period
- The Company retains personal data for as long as it is necessary for the purposes for which it was collected, as well as to comply with legal obligations and ensure the Company's legitimate interests.
12. Personal data processed for the provision of services is stored for as long as the contract is in force and during the statutory limitation period of claims arising from the contract (usually ten years).
13. Personal data processed on the basis of the client's consent is stored until the consent is withdrawn, unless there is another legal basis for processing.
Rights of Data Subjects
- Data subjects have the following rights:
14.1. To request access to personal data;
14.2. To request the correction or deletion of personal data or the restriction of the processing of personal data;
14.3. To object to the processing of personal data;
14.4. To data portability;
14.5. To withdraw consent to the processing of personal data if the processing is based on consent;
14.6. To lodge a complaint with the Data State Inspectorate regarding personal data processing.
15. Requests regarding the exercise of data subject rights may be submitted to the Company in writing or electronically using the contact information specified in paragraph 2 of the Privacy Policy.
Final Provisions
16. The Privacy Policy is available on the Company's website and is subject to periodic review and update.
17. The Company may amend this Privacy Policy at any time by publishing a new version on its website.
18. This Privacy Policy was last updated on 01.03.24.
19. If you have any questions or comments about this Privacy Policy, please contact us using the contact information provided.