1. The manager of personal data processing is ITVISS SIA, unified registration no. 40003818213, legal address Bērzaunes iela 11a - 8, Riga, LV-1039.
2. ITVISS SIA contact information in matters related to personal data processing - e-mail: email@example.com. Using this e-mail address, it is possible to ask the data controller questions about the processing of personal data. A request for the exercise of one's rights can be submitted in accordance with clause 23.
3. Information on possible data protection violations can be transferred to ITVISS SIA by sending to the e-mail address firstname.lastname@example.org.
4. Personal data is any information about an identified or identifiable natural person.
5.1. for natural persons - clients of ITVISS SIA (including potential, former, and existing);
5.2. for visitors to the office and other premises of ITVISS SIA, including those for which video surveillance is carried out;
5.3. for visitors to the website maintained by ITVISS SIA;
5.4. For persons whose personal data is processed in social networks in connection with the marketing activities organized by ITVISS SIA.
6. ITVISS SIA takes care of Clients' privacy and personal data protection, and respects Clients' rights to the legality of personal data processing in accordance with the applicable legislation - the Data Protection Law of Natural Persons, Regulation 2016/679 of the European Parliament and the Council of April 27, 2016, on natural persons protection regarding the processing of personal data and the free movement of such data (hereinafter - the Regulation) and other applicable laws in the field of privacy and data processing.
8. ITVISS SIA processes personal data for the following purposes:
8.1. For providing services and selling goods:
8.1.1.for customer identification;
8.1.2.for the preparation and conclusion of the contract;
8.1.3.for delivery of goods and delivery of services (fulfillment of contractual obligations);
8.1.4.for the development of new goods and services;
8.1.5.for advertising and distribution of goods and services or for commercial purposes;
8.1.6.for customer service;
8.1.7.for consideration of objections or claims;
8.1.8.for keeping customers, building loyalty, measuring satisfaction;
8.1.9.for settlement administration;
8.1.10. for debt recovery and collection;
8.1.11. for website maintenance and performance improvement.
8.2. For business planning and analytics;
8.3. For customer safety and protection of company property;
8.4. For other specific purposes for which the Client's consent was received at the time when he provides relevant data to ITVISS SIA. Legal basis for personal data processing
9. ITVISS SIA processes the Client's personal data based on the following data processing purposes:
9.1. for the conclusion and execution of the contract - to conclude the contract at the Customer's request and ensure its execution (a contract also means a verbal agreement on the purchase of goods or services);
9.2. for the fulfillment of regulatory acts - to fulfill the obligation specified in binding external regulatory acts of ITVISS SIA;
9.3. in accordance with the consent of the Client, the data subject;
9.4. in legitimate (legitimate) interests - to realize the existing obligations or the concluded contract between ITVISS SIA and the Client, or the legitimate (legitimate) interests of ITVISS SIA arising from the law.
10. The legal (legitimate) interests of ITVISS SIA are:
10.1. to carry out commercial activities;
10.2. verify the Customer's identity before purchasing certain goods or services;
10.3. ensure fulfillment of contractual obligations;
10.4. save Customer applications and submissions regarding the purchase of goods and the provision of services;
10.5. perform actions to attract and/or retain customers;
10.6. segment the customer database for the more efficient provision of services;
10.7. design and develop goods and services;
10.8. promote its goods and services by sending commercial communications;
10.9. send other reports on the progress of contract execution and events relevant to contract execution, as well as conduct customer surveys about goods and services and their experience of using them;
10.10. prevent fraudulent activities against the company;
10.11. provide corporate governance, financial and business accounting and analytics;
10.12. ensure effective company management processes;
10.13. ensure and improve the quality of services;
10.14. administer payments;
10.15. 10.15 conduct video surveillance for business security;
10.16. to inform the public about their activities.
11. ITVISS SIA processes the Customer's data using modern technological capabilities, taking into account existing privacy risks and the available organizational, financial, and technical resources of ITVISS SIA.
12. ITVISS SIA can make automated decisions regarding the Customer. The customer is informed about such activities of ITVISS SIA separately in accordance with regulatory enactments.
13. Making automated decisions that have legal consequences for the Client (for example, approval or rejection of the Client's application) can only be made in the course of concluding or executing the contract between ITVISS SIA and the Client or based on the Client's explicit consent.
13.1. Protection of personal data
14. ITVISS SIA protects the Customer's data using the possibilities of modern technologies, considering the existing privacy risks and the reasonably available organizational, financial, and technical resources of ITVISS SIA, including using the following security measures –
14.2. Intrusion protection and detection programs;
14.3. Other protective measures, according to the current possibilities of technical development.
14.4. Categories of recipients of personal data
15. ITVISS SIA does not disclose to third parties the Customer's personal data or any information obtained during the provision of services and during the term of the contract, including information about the goods and services received, except for:
15.1. in accordance with the clear and unequivocal consent of the Client;
15.2. to the persons provided for in external regulatory enactments upon their justified request, in accordance with the procedures and to the extent specified in external regulatory enactments;
15.3. in cases specified in external regulatory acts, for the protection of the legal interests of ITVISS SIA, for example, by applying to the court or other state institutions against a person who has violated the legal interests of ITVISS SIA.
16. ITVISS SIA does not transfer Personal Data to third parties, except to the extent necessary for the reasonable implementation of commercial activities, ensuring that the relevant third parties maintain the confidentiality of Personal Data and ensure appropriate protection.
17. ITVISS SIA is entitled to transfer Personal Data to ITVISS SIA's suppliers, subcontractors, strategic partners, and others who help ITVISS SIA and its customers in the conduct of business in order to implement the relevant cooperation. However, in such cases, ITVISS SIA requires from the data recipients a commitment to use the received information only for the purposes for which the data were transferred and in accordance with the requirements of the applicable regulatory acts.
Access to personal data by subjects of third countries
18. ITVISS SIA does not transfer personal data to third countries (outside the European Union and the European Economic Area). Duration of personal data storage
19. ITVISS SIA stores and processes the Customer's personal data as long as at least one of the following criteria exists:
19.1. only as long as the contract concluded with the Customer is valid or the service is provided to the Customer;
19.2. the data is necessary for the purpose for which it was collected;
19.3. while the Client's application is fully considered and/or fulfilled;
19.4. as long as ITVISS SIA or the Client can realize their legitimate interests (for example, submit objections or bring a lawsuit in court) in accordance with the procedures set forth in external regulatory acts;
19.5. while ITVISS SIA has a legal obligation to store data;
19.6. while the Client's consent to the processing of personal data is valid, if there is no other legal basis for data processing.
20. After the conditions mentioned in point 19 end, the Customer's personal data is deleted. Audit records are kept for at least one year from the date of their execution.
21. The Client has the right to receive the information specified in the regulatory acts in connection with the processing of his data.
22. In accordance with the regulatory enactments, the Client also has the right to request ITVISS SIA access to his personal data, as well as to request ITVISS SIA to supplement, correct or delete it, or to limit the processing in relation to the Client, or the right to object to the processing (including the processing of personal data, carried out based on the legitimate interests of ITVISS SIA), as well as the right to data portability. These rights are enforceable insofar as the data processing does not result from the obligations of ITVISS SIA, which are imposed by the current regulatory enactments and are carried out in the public interest.
23. The customer can submit a request for the exercise of his rights in the following way:
23.1. in writing at the office of ITVISS SIA in Riga (address: Bērzaunes Street 11a-8, Riga, LV-1039) or using the postal service;
23.2. in electronic mail, sign with a secure electronic signature and send to the e-mail address - email@example.com.
24. Upon receiving the Customer's request for the exercise of the Customer's rights, Bērzaunes Street 11a-8, Riga, LV-1039, ITVISS SIA verifies the Customer's identity, evaluates the request, and fulfills it in accordance with the regulatory enactments.
25. ITVISS SIA sends the answer to the Client by mail to the contact address specified by him in a registered letter or to an e-mail with a secure electronic signature (if the application is signed and submitted with a secure electronic signature), taking into account the method of receiving the answer specified by the Client, if possible.
26. ITVISS SIA ensures the fulfillment of data processing and protection requirements in accordance with regulatory enactments and, in the event of objections from the Client, takes actions to resolve the objection. However, if this fails, the Client has the right to apply to the supervisory authority - the Data State Inspectorate.
27. The client has the right to receive one free copy of his personal data processed by ITVISS SIA.
28. The receipt and/or use of the information mentioned in Clause 27 of this document may be restricted in order to prevent adverse effects on the rights and freedoms of other persons (including employees of ITVISS SIA).
29. ITVISS SIA undertakes to ensure the correctness of Personal Data and relies on its customers, suppliers, and other third parties who transfer Personal Data to ensure the completeness and correctness of the transferred Personal Data.
30. The customer gives his consent to the processing of personal data (for example, receiving commercial notifications, and personal data analysis) in writing in person at the office of ITVISS SIA or in another place where ITVISS SIA organizes marketing activities.
31. The customer has the right to withdraw the consent given for data processing at any time in the same way as it was given and/or according to the procedure specified in clause 23. In this case, further data processing based on the previously given consent for the specific purpose will not be carried out in the future.
32. Withdrawal of consent does not affect data processing carried out at the time when the Client's consent was valid.
33. By withdrawing the consent, the processing of data, which is carried out within the framework of another legal basis, cannot be stopped.