- General information
1.2. Details of the Controller:
SIA BALTA eko
Unified registration No.: 40003375832
Address: Valguma iela 10, Riga, LV-1048, LATVIA
1.3. Contact information for data protection matters:
1.3.1. Employee’s e-mail: email@example.com
1.3.2. .Data Protection Officer:
e-mail: firstname.lastname@example.org, tel.: +371 63026600
1.4. The Controller undertakes to protect the privacy of the Subject’s personal data as well as to process and accumulate only the personal data which have been lawfully collected and are necessary for ensuring the operation of the company, for compliance with laws, regulations and contractual obligations.
2. Area of Application of the Document
2.1. ‘Personal data’ means any information relating to an identified or identifiable natural person.
2.2.1. natural persons – representatives of clients, contact persons, partners and other users of services (including, potential, former and current), as well as third parties which, in relation to the provision of services to a natural person (clients, partners), receive or transfer any information to the Controller (including contact persons, payers, etc.);
2.2.2. visitors to the Controller’s office and other premises;
2.2.3. clients of the website maintained by the Controller, hereinafter — Clients
2.3. The Controller ensures the privacy of Clients and the protection of personal data, and observes the right of Clients to the lawfulness of personal data processing in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, and other applicable laws and regulations in the field of privacy and data processing.
3. Collection and Use of Personal Data
3.1. We can collect personal data from you at the moment when you provide information to the Controller to register yourself on the website www.jt.lv, receive information or consignments, leave a comment, ask a question, download files, contact the Controller or for other purposes. Please note that we will not collect personal data on you unless you provide this information voluntarily.
3.2. Data which can be collected by the Controller directly from you:
3.2.1. name, surname;
3.2.2. postal address;
3.2.3. e-mail address;
3.2.4. telephone number;
3.2.6. date of birth;
3.3. If you subscribe to our newsletter, the Controller can send information regarding organised activities, campaigns/lotteries and planned events to your specified e-mail address.
3.4. The Controller processes personal data for the following purposes:
- the preparation and conclusion of a contract;
- ensuring/maintaining the provision of services;
– the improvement of services, the development of new services;
– facilitating the use of services;
– the provision of services to partners;
– the examination and processing of objections;
– the improvement of loyalty; satisfaction measurements;
- the administration of settlements;
– the recovery and collection of debts;
– the maintenance of the website and the improvement of operation;
– statistics and operation analysis;
– planning and accounting;
– the measurement of effectiveness;
– ensuring data quality; – the preparation of reports;
– the performance of client surveys;
– other specific purposes, regarding which the Client is informed at the moment he/she provides the data concerned to the Controller.
4. Legal Basis for the Processing of Personal Data.
4.1. The Controller processes the personal data of the Client based on the following legal grounds:
4.1.1. for the conclusion or performance of a contract — to conclude a contract after the application of the Client and ensure its performance;
4.1.2. for the observance of laws and regulations — to comply with the Controller’s obligation determined by external laws and regulations;
4.1.3. according to the consent of the data subject;
4.1.4. for the purposes of lawful (legitimate) interests — the purposes of the legitimate (lawful) interests pursued by the Controller arising from the obligations or the contract concluded by the Controller and the Client, or the law.
4.2. The lawful (legitimate) interests of the Controller are the following:
4.2.1. to verify the identity of the Client before the conclusion of a contract;
4.2.2. to ensure the fulfilment of contractual obligations;
4.2.3. to prevent unjustified financial risks to its operation;
4.2.4. to analyse the websites of the Controller, develop and introduce their improvements;
4.2.5. to develop and improve services;
4.2.6. to advertise its services by sending informative messages;
4.2.7. to send other messages regarding the performance of a contract and events crucial for the performance of a contract, as well as to carry out Client surveys regarding services and their user experience;
4.2.8. to ensure and improve the quality of services;
4.2.9. to administer payments;
4.2.10. to administer outstanding payments;
4.2.11. to apply to state administration and operational working institutions and court for the protection of its legal interests;
4.2.12. to inform the public about its operation.
5. Data Security
5.1. The Controller protects Client data using modern technology possibilities, taking into account existing privacy risks and reasonably available organisational, financial and technical resources of the Controller, inter alia, taking the following security measures:
5.1.1. Data encryption when transmitting data (SSL encryption);
5.2. The company stores your personal information as long as is necessary to achieve the aforementioned purposes or fulfilling the requirements of laws.
5.3. All personal data which have become known to the Controller about the users of the website www.jt.lv are deemed confidential information. Personal data are processed and used solely for the purpose specified herein and to the necessary extent.
5.4. In processing and storing personal data, the Controller ensures the protection of personal data from accidental or unlawful disclosure, change or any other unlawful processing.
5.5. Access to data processing and modification functions is granted to authorised responsible persons of the Controller.
5.6. The Controller does not disclose to third parties the personal data of the Client or any information obtained during the provision of services and the validity period of a contract, including information regarding received services, except the following:
5.6.1. if data have to be transferred to the third party concerned within the framework of a concluded contract in order to fulfil a function necessary for the performance of the contract or delegated by law (for example, to a bank within the framework of settlements or to ensure the service);
5.6.2. in accordance with explicit consent from the Client;
5.6.3. to persons stipulated by laws and regulations at their justified request, pursuant to the procedures and to the extent determined by external laws and regulations;
5.6.4. in the cases determined in external laws and regulations for the protection of legitimate interests pursued by the Controller, for example, by applying to court or other state institutions against the person who has infringed upon these legitimate interests of the Controller.
6. Storage of Personal Data
6.1. The Controller stores and processes the personal data of the Client as long as at least one of the following criteria exists:
6.1.1. only as long as the contract concluded with the Client is valid;
6.1.2. as long as the Controller or the Client can pursue their legitimate interests (for example, to submit objections or establish or exercise a claim in court) pursuant to the procedures laid down in external laws and regulations;
6.1.3. as long as any of the parties has a legal obligation to store data;
6.1.4. as long as the consent of the Client to the processing of personal data is valid, unless there is another legal basis for the processing of data.
6.2. After the referred to circumstances cease to exist, the personal data of the Client are erased.
7. Rights of the Data Subject (Client’s Rights)
7.1. The Controller undertakes to ensure the accuracy of personal data according to the information which has become known to an association while using the website www.jt.lv.
7.2. Visitors to the website have the right to access their personal data by sending a request to the Controller for the provision of information by e-mail to: email@example.com.
7.3. Visitors have the right to request the following information:
7.3.1. the purpose of and legal basis for the processing of personal data;
7.3.2. the date of last data modification;
7.3.3. the source of collection of personal data;
7.3.4. information regarding whether personal data are processed by automated means; and
7.3.5. other information, if stipulated by laws and regulations.
7.4. In accordance with laws and regulations, the Client has the right to obtain from the Controller access to his/her personal data, as well as to obtain from the Controller the supplement, rectification or erasure of data, or restrictions on the processing of personal data with regard to the Client, or the right to object to processing (including to the processing of personal data for the purposes of legitimate interests pursued by the Controller), as well as the right to data portability. These rights can be exercised in so far as the processing does not arise from the obligations of the Controller, imposed thereon by applicable laws and regulations and fulfilled for the purposes of public interests.
7.5. Visitors to the website www.jt.lv have the right to obtain from the Controller the supplement and rectification of their personal data, the termination of data processing or the erasure of data, if they are outdated, incomplete, false, unlawfully processed or no longer comply with the referred to purpose of data processing. In the event you wish to erase your personal data or make changes therein, or you have any questions regarding the use of your personal data, please contact the Controller by email: firstname.lastname@example.org.
7.6. The Client has the right to receive information determined by laws and regulations with regard to the processing of his/her data.
7.7. The Client may submit a request for the exercise of his/her rights:
7.7.1.in writing in person at the Controller’s office, producing a personal identification document;
7.8. After receiving the Client’s request for the exercise of his/her rights, the Controller checks the identity of the Client, examines the request and fulfils it in accordance with laws and regulations.
7.9. The Controller provides a reply to the Client by post to his/her specified contact address in a registered letter or by e-mail, taking into account the method of receiving the reply specified by the Client as much as possible.
7.10. The Controller ensures the fulfilment of data processing and protection requirements in accordance with laws and regulations and, in the event of Client objections, takes appropriate measures to address objections. However, in the event of failure to do so, the Client has the right to apply to the supervisory authority, i.e., the Data State Inspectorate.
- General information